Research and reports
Whether you’re a sole trader or a larger company with employees, it’s important that you protect your business against cyber attacks.
Read on to find out why small businesses feel ill-equipped to deal with cyber threats, the most common attacks, and how you can better protect your business.
Almost three quarters (73 per cent) of small businesses lack the capability and expertise to withstand a cyber security attack, according to research from security operations firm Arctic Wolf.
This comes at a time when cyber threats are becoming increasingly sophisticated and businesses are more vulnerable as a result of the Covid-19 pandemic. Our simple guide will help you on your way to protecting your business.
Cyber security is the act of protecting the devices and online services we use from theft or damage. This includes smartphones, laptops, tablets and computers, as well as preventing unauthorised access to the personal data you store about your customers.
You may think cyber security is only for large multinational businesses, but it’s vital for all businesses.
As we’ve mentioned, cyber security is important for protecting your business from online threats like theft, extortion and damage. Potential hackers may try to gain unauthorised access to personal information, passwords, intellectual property, financial data, or sensitive data to cause harm to your business.
Financial loss, data breaches, and reputational damage are just some of the risks of a cyber attack.
If your business has reached a certain size, you might consider hiring a cyber security analyst.
Julia Studholme, Cyber Security Analyst at Simply Business, says:
“Now, more than ever, cyber security is at the forefront of organisations of all sizes. Cyber attacks are routinely front-page news, but in addition to the reputational damage that attacks can have on businesses, they can cause a major amount of business disruption too. Behind the headlines, there’s often further damage to business operations such as system outages, data loss and financial losses too.”
Lloyds Bank recently published a Business Digital Index for the UK, which highlights how cyber security tasks are fundamental to keeping a business safe. It says there are five key cyber security tasks that all businesses should be doing:
However their research found that only half of all businesses are able to do all five of these tasks, while 30 per cent of businesses are knowingly connecting to unsecured wifi networks.
Many small businesses are experiencing cyber security ‘alert fatigue’, according to a survey of over 500 small and medium sized business owners carried out by security operations firm Arctic Wolf.
Alert fatigue could mean some businesses are ignoring important warnings due to the high number they receive each week.
Almost two fifths (39 per cent) of business owners surveyed said they felt overwhelmed by the volume of security alerts their business receives, with many receiving up to 75 alerts a day.
Businesses that ignore important security alerts could be at risk of a cyber attack or data breach, particularly if they don’t have the right protection in place.
Balancing the importance of cyber security with core business activity is challenging for many firms.
According to Arctic Wolf’s study, 55 per cent of business owners said they regularly deprioritise cyber issues in favour of other business activity.
The cyber attacks statistics show that 34 per cent of respondents admitted to not having time to keep across every threat or alert.
It’s been suggested that some small businesses treat cyber security as low-priority because they think hackers are more likely to go after the biggest organisations.
However, the 2021 Data Breach Investigation Report from Verizon reports that almost a third (28 per cent) of data breaches in 2020 involved small businesses.
A cyber attack is when a hacker tries to disable systems, steal data, or destroy information by gaining unauthorised access to computer systems.
The European Union Agency for Cybersecurity (ENISA) has revealed a common list of cyber attacks experienced by small and medium-sized businesses:
It ’s important to have a robust defence against cyber attacks in place. And, as the technology used to carry out attacks develops quickly, you’ll need to review your procedures regularly.
Some of the simplest things you can do include:
Read our guide to securing your small business against a cyber attack for more tips on how you can prepare for the worst-case scenario.
As the number of recent cyber attacks continues to grow, cyber insurance could help to protect your small business.
This type of insurance could be beneficial for your business if you hold sensitive data such as personal customer details, rely on computer systems and online software, or have a payment card industry (PCI) merchant services agreement.
Read our guide to cyber insurance for small businesses to find out more about the biggest cyber attacks, the data breaches you could be fined for, and the software you can use to protect your business.
The Covid-19 pandemic has made small businesses more vulnerable to cyber security breaches, such as Man-in-the-Middle attacks, according to ENISA.
It says that increased remote working and use of contactless payment methods have given attackers new opportunities to target.
This is backed up by Verizon’s 2021 Data Breach Investigation Report, which suggests that 22 per cent of small and medium-sized businesses have suffered a security breach due to a remote worker since March 2020.
Speaking of the common threats and trends related to cyber security, Studholme said:
“Since the start of the pandemic, widespread adoption of remote working has added a layer of complexity when it comes to cyber security risks. Not only do companies have to concern themselves with all of the devices on their corporate networks, but they have to consider devices that are on employee’s home networks too, over which they have much less visibility.
“One of the main threats facing businesses today is cloud vulnerabilities. The adoption of cloud-based services and infrastructure (and in some cases, multi-cloud adoption) has meant businesses become a prime target for attackers.”
Although it might be difficult to stop every threat, small businesses can protect themselves in a post-pandemic market by having as many layers of defence as possible and creating obstacles for hackers to get around.
These could include multi-factor authentication technology and regularly training staff about the cyber security threats they face.
How do you protect your business against cyber attacks and data breaches? Let us know in the comments below.
Conor Shilling / Catriona Smith
We create this content for general information purposes and it should not be taken as advice. Always take professional advice. Read our full disclaimer
6th Floor99 Gresham StreetLondonEC2V 7NG
Sol House29 St Katherine's StreetNorthamptonNN1 2QZ
© Copyright 2023 Simply Business. All Rights Reserved. Simply Business is a trading name of Xbridge Limited which is authorised and regulated by the Financial Conduct Authority (Financial Services Registration No: 313348). Xbridge Limited (No: 3967717) has its registered office at 6th Floor, 99 Gresham Street, London, EC2V 7NG.