Why hackers are increasingly targeting small businesses – and what you can do about it
Almost half of small businesses were targeted by hackers last year. David Prosser explains what is behind the cyber attacks.
Cyberattacks can strike almost any company. Books and crafts retailer The Works had to close some stores temporarily this week after hackers got into its systems.
In February, deliveries of crisps and nuts were disrupted when KP Snacks was hit by a ransomware attack. Smaller businesses certainly aren’t immune. The government’s latest annual Cyber Security Breaches Survey reports that 48% of small businesses have identified a cyberattack over the 12 months. Worse still, 31% say they are now being attacked at least once a week.
The impact of these attacks can be considerable. While many breaches are repelled, hackers only need to get lucky once. The government’s data suggests that one in five attacks have direct negative consequences, ranging from financial costs to a loss of data. The average bill for each such attack was £3,080 for small businesses.
Subscribe to MoneyWeek
Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE
Sign up to Money Morning
Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter
Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter
The pressure is on for small businesses to invest in cybersecurity, not least due to fears that Russian hackers could increase attacks on Western organisations. Equally, the response needs to be proportionate. Small businesses are less likely to find themselves on the end of an attack from state actors, and their resources are more limited anyway. Few small businesses are in a position to appoint in-house cybersecurity professionals.
Taking care of business
Many small businesses are already making good use of third-party products and services that provide a decent level of protection. There is also growing awareness of the potential value of cyber insurance policies, which can provide practical support as well as covering financial losses. However, small businesses need to address these issues coherently. The government’s data suggests only 37% of small businesses have a formal cybersecurity strategy in place, which suggests too many firms haven’t thought about how to protect themselves. In any case, it would be a mistake to depend entirely on third-party support. Every business, irrespective of size, is capable of making its own improvements through a focus on basic precautions.
How to get started
The government-backed Cyber Essentials scheme is a good starting point. It aims to equip businesses with the tools to protect against common cyberattacks, such as phishing threats, and to reduce their vulnerabilities through solutions such as patching software.
Taking part can also drive commercial benefits. Businesses certified as having met the scheme’s requirements will have a more reassuring story to tell customers. Some potential clients may even make certification a requirement for their suppliers: the government already insists on this for certain public sector contracts. Getting certified carries a cost of up to £500, depending on the size of your business. But there is lots of free help to get you through the process and improve your security. The government’s National Cyber Security Centre publishes a Cyber Essentials Readiness Tool to help you get started. A questionnaire will help you determine your current level of cybersecurity and provide you with information, as well as a custom plan for you to follow based on your answers.
Sign up to Money Morning
Our team, led by award winning editors, is dedicated to delivering you the top news, analysis, and guides to help you manage your money, grow your investments and build wealth.
David Prosser is a regular MoneyWeek columnist, writing on small business and entrepreneurship, as well as pensions and other forms of tax-efficient savings and investments. David has been a financial journalist for almost 30 years, specialising initially in personal finance, and then in broader business coverage. He has worked for national newspaper groups including The Financial Times, The Guardian and Observer, Express Newspapers and, most recently, The Independent, where he served for more than three years as business editor.
-
Christmas at Chatsworth: review of The Cavendish Hotel at Baslow
MoneyWeek Travel Matthew Partridge gets into the festive spirit at The Cavendish Hotel at Baslow and the Christmas market at Chatsworth
By Dr Matthew Partridge Published
-
Tycoon Truong My Lan on death row over world’s biggest bank fraud
Property tycoon Truong My Lan has been found guilty of a corruption scandal that dwarfs Malaysia’s 1MDB fraud and Sam Bankman-Fried’s crypto scam
By Jane Lewis Published
-
Business rates relief to be slashed – how to cut costs
Labour has promised to reform business rates, the corporate equivalent of council tax
By David Prosser Published
-
Rouble hits two-year low against the dollar – what does it mean for Russia's economy?
New US sanctions have plunged the rouble to its lowest level since 2022. Why are investors spooked and how will this affect Putin's economy?
By Alex Rankine Published
-
Has Javier Milei succeeded in transforming Argentina's economy?
Javier Milei won an election last year on an “anarcho-capitalist” platform, promising to take a chainsaw to the overbearing and bloated state. How’s it going?
By Simon Wilson Published
-
Brazil booms – but why do investors remain wary?
Brazil is booming, but you wouldn’t think so from looking at the stock market. What's behind the market paranoia?
By Alex Rankine Published
-
How small businesses can take advantage of new sources of finance
Small business Banks have reduced lending to small companies, but there are alternatives as the finance market continues to evolve
By David Prosser Published
-
Do we need central banks, or is it time to privatise money?
Analysis Free banking is one alternative to central banks, but would switching to a radical new system be worth the risk?
By Stuart Watkins Published
-
Will the R&D tax credit change in the Autumn Budget?
Will Labour revise state help designed to foster R&D in the upcoming Autumn Budget?
By David Smith Published
-
How to improve economic output using the supply-side approach
Boosting potential economic output through public investment is crucial, says David C. Stevenson
By David C. Stevenson Published