Cybersecurity is crucial for small businesses

Small companies tend to neglect the defence of their digital data, but the risks are very high, says David Prosser.

Small and medium-sized businesses (SMEs) are under-protected from cybersecurity risk, while the pandemic has increased their vulnerability to attacks. The European Union Agency for Cybersecurity (ENISA) says a third of SMEs have experienced a cyber incident over the past five years. Half believe that a serious incident could completely sink their company.

Despite this level of risk, most SMEs have only basic protections in place. The majority of smaller firms have taken steps such as installing firewalls and anti-virus software, but only a minority routinely train staff on cybersecurity issues or use more sophisticated protection tools.

ENISA’s data suggests that the five most common threats to SMEs are: phishing attacks; web-based raids; general malware; malicious insiders; and denial-of-service strikes. What’s more, measures introduced by many SMEs during the pandemic, including remote-working practices and contactless-payment options, have given cyberattackers new opportunities.

The big challenge, says ENISA, is that managers are not sufficiently focused on the potentially existential threat that cyberattacks pose. As a result, their efforts to counter the threat often fall short of what is required. They don’t invest enough money in cybersecurity, they fail to recruit the right type of cybersecurity expertise, and they favour seemingly quick fixes such as anti-virus software, rather than building a culture of cybersecurity awareness.

Shocking statistics

Such complacency leaves smaller firms exposed. Research published by Vodafone in early 2021 found that 41% of UK SMEs had suffered cyberattacks over the previous 12-month period, with 20% experiencing multiple attacks. It warned that as many as 1.3 million UK SMEs could collapse completely after falling victim to a cyber-attack.

ENISA’s most important recommendation is that SMEs should focus on how to build stronger cultures of cybersecurity, with management working harder to build employees’ awareness. The agency suggests practical steps such as regular cybersecurity audits, training for staff, the development of cybersecurity policies, and work on incident response plans.

More technical steps will also help. Too few SMEs are taking steps to secure their devices, such as installing all software patches and upgrades, encrypting data and focusing on how to manage mobile devices. Network security also needs to be reviewed, particularly as more staff work remotely. Third parties such as suppliers may also be introducing new vulnerabilities.

However, the starting point for many smaller businesses will be to recognise that they represent an attractive target. SMEs are less likely to have robust defences in place than their larger counterparts.

Even simple steps can prove hugely valuable. For example, SMEs that routinely back up their systems and data will be much less vulnerable to ransomware attacks. Firms that introduce multi-factor authentication on remote devices decrease their chances of attackers getting in this way.

Recommended

Just how powerful is artificial intelligence becoming?
Tech stocks

Just how powerful is artificial intelligence becoming?

An uncannily human response from an artificial intelligence program sparked a minor panic last month. But just how powerful are machines getting – and…
2 Jul 2022
Persimmon yields 12.3%, but can you trust the company to deliver?
Share tips

Persimmon yields 12.3%, but can you trust the company to deliver?

With a dividend yield of 12.3%, Persimmon looks like a highly attractive prospect for income investors. But that sort of yield can also indicate compa…
1 Jul 2022
The MoneyWeek Podcast: nuggets of positivity in an extended bear market
Investment strategy

The MoneyWeek Podcast: nuggets of positivity in an extended bear market

Merryn and John talk about he need for higher wages and lower house prices, and why the fact that this is the least dramatic bear market they’ve ever …
1 Jul 2022
Here are the best savings accounts on the market now
Savings

Here are the best savings accounts on the market now

With inflation at more than 9%, your savings are not going to keep pace with the rising cost of living. But you can at least slow the rate at which yo…
1 Jul 2022

Most Popular

UK house prices are definitely cooling off – but are they heading for a fall?
House prices

UK house prices are definitely cooling off – but are they heading for a fall?

UK house prices hit a fresh high in June, but as interest rates start to rise, the market is cooling John Stepek assesses just how much of an effect h…
30 Jun 2022
The ten highest dividend yields in the FTSE 100
Income investing

The ten highest dividend yields in the FTSE 100

Rupert Hargreaves looks at the FTSE 100’s top yielding stocks for income investors to consider.
22 Jun 2022
The ten highest dividend yields on Aim
Income investing

The ten highest dividend yields on Aim

Rupert Hargreaves picks the highest-paying dividend stocks on Aim, London’s junior market for small and medium-sized growth companies.
29 Jun 2022