Cybersecurity is crucial for small businesses
Small companies tend to neglect the defence of their digital data, but the risks are very high, says David Prosser.
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Twice daily
MoneyWeek
Get the latest financial news, insights and expert analysis from our award-winning MoneyWeek team, to help you understand what really matters when it comes to your finances.
Four times a week
Look After My Bills
Sign up to our free money-saving newsletter, filled with the latest news and expert advice to help you find the best tips and deals for managing your bills. Start saving today!
Small and medium-sized businesses (SMEs) are under-protected from cybersecurity risk, while the pandemic has increased their vulnerability to attacks. The European Union Agency for Cybersecurity (ENISA) says a third of SMEs have experienced a cyber incident over the past five years. Half believe that a serious incident could completely sink their company.
Despite this level of risk, most SMEs have only basic protections in place. The majority of smaller firms have taken steps such as installing firewalls and anti-virus software, but only a minority routinely train staff on cybersecurity issues or use more sophisticated protection tools.
MoneyWeek
Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE
Sign up to Money Morning
Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter
Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter
The big challenge, says ENISA, is that managers are not sufficiently focused on the potentially existential threat that cyberattacks pose. As a result, their efforts to counter the threat often fall short of what is required. They don’t invest enough money in cybersecurity, they fail to recruit the right type of cybersecurity expertise, and they favour seemingly quick fixes such as anti-virus software, rather than building a culture of cybersecurity awareness.
Shocking statistics
Such complacency leaves smaller firms exposed. Research published by Vodafone in early 2021 found that 41% of UK SMEs had suffered cyberattacks over the previous 12-month period, with 20% experiencing multiple attacks. It warned that as many as 1.3 million UK SMEs could collapse completely after falling victim to a cyber-attack.
ENISA’s most important recommendation is that SMEs should focus on how to build stronger cultures of cybersecurity, with management working harder to build employees’ awareness. The agency suggests practical steps such as regular cybersecurity audits, training for staff, the development of cybersecurity policies, and work on incident response plans.
More technical steps will also help. Too few SMEs are taking steps to secure their devices, such as installing all software patches and upgrades, encrypting data and focusing on how to manage mobile devices. Network security also needs to be reviewed, particularly as more staff work remotely. Third parties such as suppliers may also be introducing new vulnerabilities.
However, the starting point for many smaller businesses will be to recognise that they represent an attractive target. SMEs are less likely to have robust defences in place than their larger counterparts.
Even simple steps can prove hugely valuable. For example, SMEs that routinely back up their systems and data will be much less vulnerable to ransomware attacks. Firms that introduce multi-factor authentication on remote devices decrease their chances of attackers getting in this way.
-
How a ‘great view’ from your home can boost its value by 35%A house that comes with a picturesque backdrop could add tens of thousands of pounds to its asking price – but how does each region compare?
-
What is a care fees annuity and how much does it cost?How we will be cared for in our later years – and how much we are willing to pay for it – are conversations best had as early as possible. One option to cover the cost is a care fees annuity. We look at the pros and cons.
-
"Botched" Brexit: should Britain rejoin the EU?Brexit did not go perfectly nor disastrously. It’s not worth continuing the fight over the issue, says Julian Jessop
-
'AI is the real deal – it will change our world in more ways than we can imagine'Interview Rob Arnott of Research Affiliates talks to Andrew Van Sickle about the AI bubble, the impact of tariffs on inflation and the outlook for gold and China
-
Tony Blair's terrible legacy sees Britain still sufferingOpinion Max King highlights ten ways in which Tony Blair's government sowed the seeds of Britain’s subsequent poor performance and many of its current problems
-
How a dovish Federal Reserve could affect youTrump’s pick for the US Federal Reserve is not so much of a yes-man as his rival, but interest rates will still come down quickly, says Cris Sholto Heaton
-
New Federal Reserve chair Kevin Warsh has his work cut outOpinion Kevin Warsh must make it clear that he, not Trump, is in charge at the Fed. If he doesn't, the US dollar and Treasury bills sell-off will start all over again
-
How Canada's Mark Carney is taking on Donald TrumpCanada has been in Donald Trump’s crosshairs ever since he took power and, under PM Mark Carney, is seeking strategies to cope and thrive. How’s he doing?
-
Rachel Reeves is rediscovering the Laffer curveOpinion If you keep raising taxes, at some point, you start to bring in less revenue. Rachel Reeves has shown the way, says Matthew Lynn
-
The enshittification of the internet and what it means for usWhy do transformative digital technologies start out as useful tools but then gradually get worse and worse? There is a reason for it – but is there a way out?
