Small businesses face a cybercrime wave

Small companies face the full range of cyber dangers, but they can defend themselves without breaking the bank or stifling innovation

Cyber attacks on well-known brands often seize media attention. However, small companies are just as vulnerable, and must take steps to defend themselves.

The victims of cyber attacks we hear about on the news tend to be household names with millions of customers, not smaller businesses with 250 or fewer employees. In reality, some 66 per cent of UK small firms have been affected by cybercrime, resulting in about £5 billion of losses annually, according to the Federation of Small Businesses (FSB).

“That doesn’t include any estimate of the reputation and opportunity costs, as well as the third-round costs that might spill over to suppliers and customers,” warns Mike Cherry, the FSB’s national chairman.

Most attacks are now financially motivated and everybody is potentially a target. Just because you’re not big doesn’t mean you’re not at risk

- Dominic Trott, associate research director, International Data Corporation

Small businesses make good targets because they increasingly hold customers’ names, addresses and banking information on their servers: exactly the kinds of things hackers want to get their hands on. And while big businesses may appear like Fort Knox in terms of their cyber defences, less well-resourced small businesses can seem like easy pickings by comparison.

“In the past, hackers tended to be kids who wanted to take down big firms for glory, but that is not the case anymore,” says Dominic Trott, an associate research director at International Data Corporation (IDC), who specialises in cybersecurity. “Most attacks are now financially motivated and everybody is potentially a target.”