Small businesses in the UK are particularly at risk from cyber-attacks as they often lack the skills and budgets to put effective cyber security measures in place and mistakenly believe that hackers are not interested in them.  

This couldn’t be further from the truth as research from Hiscox revealed that UK SMEs are the target of an estimated 65,000 attempted cyber-attacks every day, of which over 4,500 are successful – that’s one every 19 seconds! 

With many small businesses lacking credible cyber security strategies to help manage and prevent such attacks however, the impact when they do occur can be disproportionality severe. 

Experts agree that communication during and after a cyber-attack is critical to managing it, yet only 56% can say with confidence that they fully disclose details of a cyber-attack to the relevant internal and external stakeholders.  This is particularly concerning given the introduction of GDPR, which requires all organisations to report a data breach to the ICO within 72 hours and notify affected customers without undue delay. The penalties for non-compliance are fines up to 4% of turnover. 

Most alarming of all, is that the majority (66%) of those that suffered an attack, admit to making no changes to their policies or systems to help prevent further breaches in the future. This is perhaps one of the key reasons why over half (56%) of those who’ve suffered a breach, are the victim of multiple attacks.  

The stats are frightening for SMEs… 

  • 43 percent of cyber-attacks target small business. 
  • Only 14 percent of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective. 
  • 60 percent of small companies go out of business within six months of a cyber-attack. 
  • 48 percent of data security breaches are caused by acts of malicious intent. Human error or system failure account for the rest. 
  • Small businesses are most concerned about the security of customer data. 
  • While many small businesses are concerned about cyber-attacks (58 percent), more than half (51 percent) are not allocating any budget at all to risk mitigation. 
  • Many feel they don’t store any valuable data, yet many reported that they store pieces of customer information that are of significant value to cyber criminals – 68 percent store email addresses; 64 percent store phone numbers; and 54 percent store billing addresses. 
  • Only 38 percent regularly upgrade software solutions and just 22 percent encrypt databases. 
  • If they have a password policy, 65 percent do not enforce it. 

The bottom line: As cyber criminals continue to target small businesses, owners and employees need to know how to protect both their customers and themselves. 

We help SME owners across Yorkshire and beyond understand the risks to their business from cyber threats. We give them peace of mind by running a free dark web search to check if their data is already for sale on the dark web and help them take steps to prevent it being used against them. 

If you’re worried your SME might be at risk from a cyber attack, get in touch right away. Call
0333 772 0512 or email help@sodait.co.uk.