Cybercrime costing small firms millions
05 August 2019
Research from the Federation of Small Businesses (FSB) shows that small businesses are collectively subject to almost 10,000 cyber-attacks a day.
In January 2019 the FSB surveyed 1,135 businesses. Key findings include:
- One in five (20%) small firms say a cyber-attack has been committed against their business in the two years to January 2019. More than seven million individual attacks are reported over the same period, equating to 9,741 incidents a day.
- The annual cost of such attacks to the small business community is estimated to be £4.5 billion, with the average cost of an individual attack put at £1,300.
- Victims are most frequently subject to phishing attempts, with 530,000 small firms suffering from such an attack over the past two years. Hundreds of thousands of businesses also report incidences of malware (374,000), fraudulent payment requests (301,000) and ransom-ware (260,000).
- Those based in the North West, South East and West Midlands are most likely to be the victims of cyber-attacks, with 25%, 23% and 21% of small businesses in these areas reporting cyber incidences respectively.
- One in three small firms (35%) say they have not installed security software over the past two years. Four in ten (40%) do not regularly update software, and a similar proportion does not back up data and IT systems. Fewer than half (47%) have a strict password policy for devices.
CIPP comment From the time lost dealing with an attack to possible reputational damage, the impact can be considerable. The government’s Cyber Aware campaign encourages individuals and small businesses to adopt simple activities that make a big difference including:
|