↩ Back to Blog

27% of SMEs are Vulnerable to Cyber-Attacks Due to Being Uneducated

One of the first, and most important lines of defence when it comes to business related cybercrime is your staff.

However, the results of recent research into the effects of cyber-crime, found that over a quarter of UK-based SMEs (27%) are failing to properly educate and train their staff on the threat of a cyber-attack.

SMEs aren’t alone in their ignorance, however, two thirds of the UK’s top 350 businesses understand the threat of a cyber-attack in the digital age.

Over a quarter of SMEs say that they do not train and educate their staff about the threat of cyber-security. This is mostly due to a lack of knowledge on the subject, as well as a lack of understanding their cyber-risk profile, with 20% of SMEs never assessing the business’ exposure to cyber-risk.

From 2015 to 2016, there was a 78% rise in claims for cyber-attacks, with 90% of those claims being made by businesses with less than £50 million in revenue. This highlights just how vulnerable SMEs are to even the most basic of cyber-attacks.

When asked what they believe poses the biggest threat to their business, cyber-crime came second only to Brexit. By sector, SME’s in the IT and manufacturing sector believe cyber-crime to be their biggest threat. In comparison, only 8% overall are concerned about traditional crime. Despite these concerns, 80% of SMEs still do not own cyber-insurance.

A recent Cyber Governance Health Check discovered that the cost of cyber-breaches and attacks on business reached millions, but the most common types of attacks involved viruses, spyware or malware – all of which could have been easily prevented.

Robert Daniels, BT Security’s general manager of portfolio strategy and propositions, says: “A lot of small business owners understand that security is important. However, because they are their own CEOs and CFOs and doing everything else including putting out the rubbish, they don’t have the time to gain the knowledge they need to make sure their business is safe.

“Many SMEs believe that the size of their business means they aren’t even on the radar of most criminals.  “Hackers know this,” says Mr Daniels. “They’re lazy. They won’t go to the very big corporations that have invested heavily to protect themselves, they’ll go for the ones who don’t have sufficient security in place.”

To combat cyber-crime it is important to make sure your staff is educated. Encourage good practises such as locking computers, updating to the latest version of anti-virus etc.

Please contact us if you would like any more help or advice about cyber security.

Source: Business Line Insurance