Staggering statistics show the true cost of cyber crime to small businesses
By James Young | 5th August 2019
Cyber attacks are costing small business as much as £4.5 billion per year - with SMEs subject to an incredible 10,000 attacks per day.
Research from the Federation of Small Businesses show that 20 per cent of small firms have been the victim of a cyber attack in the past two years,.
More than seven million individual attacks are reported over the same period, equating to 9,741 incidents a day.
The annual cost of such attacks to the small business community is estimated to be £4.5 billion, with the average cost of an individual attack put at £1,300.
Victims are most frequently subject to phishing attempts, with 530,000 small firms suffering from such an attack over the past two years.
Hundreds of thousands of businesses also report incidences of malware (374,000), fraudulent payment requests (301,000) and ransom-ware (260,000).
Martin McTague, FSB policy and advocacy chairman, said: "These findings demonstrate the sheer scale of the dangers faced by small firms every day in the digital arena.
"The issue of business crime is overlooked too often - even more so of late in this climate of sustained political uncertainty and inaction. Meaningful steps must be taken to safeguard our small firms, and by extension the wider economy.
"More small firms are waking up to the threat of cybercrime. It's a threat that's evolving rapidly, but too many small businesses still lack access to the resources and budgets needed to contain it.
One in three small firms (35 per cent) say they have not installed security software over the past two years.
Four in ten (40 per cent) do not regularly update software, and a similar proportion do not back up data and IT systems. Fewer than half (47 per cent) have a strict password policy for devices.
Mr McTague added: "The Government should be doing more to tackle this scourge by enhancing the current policing response - including investing more in cyber upskilling for police personnel as part of its wider recruitment push.
"There's also a discussion to be had about whether tackling cyber threats should be handled entirely by specialists at the regional or national level, rather than local constabularies, building on the work of the National Crime Agency.
"Banks also have a role to play. They should be building in as much resilience as possible into banking and payments systems, and made liable for the losses of business - not just consumer - customers when they fall victim to cyber-crime.
"Software providers could also be doing more. Government should be prepared to step-in and require automatic patching and updates to be the default option for all software products."
Copyright 2019 Moose Partnership Ltd. All rights reserved. Reproduction of any content is strictly forbidden without prior permission.