Cyber attacks on SMBs 'cost UK economy £5.36 billion'
Small businesses need help to combat millions of attacks faced every year
UK SMBs suffer a cyber attack seven million times a year, with the average hack costing them 3,000, new research has shown.
The Federation of Small Businesses (FSB) found that SMBs are the victim of an average of four cyber attacks every 24 months, with 66 per cent of the 1,006 organisations surveyed having been a victim of cyber crime at some point.
Typically, attacks targeting SMBs take the form of phishing (49 per cent), spear phishing (37 per cent), malware attacks (29 per cent) and "card not present" credit and debit card fraud.
While the average 3,000 cost of cyber attacks over the course of 2014 - 2015 may look relatively small, the aggregate cost of all cyber attacks on SMBs was 5.36 billion over the same period, according to the research.
This, in turn, can have a significant impact on the UK economy, as 99 per cent of companies in the country are small businesses with fewer than 250 employees, but which generate half of the UK's GDP, according to government data.
A total 93 per cent of respondents had some kind of cyber crime defence in place - normally security software and regular backups, but also 'strong' password policies or crisis plans - small businesses naturally have fewer resources, both financial and human, than their larger counterparts.
This can mean any IT professional employed in-house may be too spread too thinly to focus on security, that IT is outsourced to someone who is, once again, a generalist rather than a security specialist, or the "tech support" role may be incorporated into another job, rather than there being a dedicated team member.
Additionally, the lack of financial capital may mean businesses cannot afford to update their systems as frequently or invest in new technologies to help keep them secure, the FSB found.
Consequently, these businesses may not be implementing best practice, effectively through no fault of their own.
While this soft-spot can make SMBs an attractive target for hackers in their own right, they are also a potential portal to an even bigger pot of gold, with criminals or nation states attacking small businesses with the ultimate aim of gaining access to customers' systems further up the supply chain, particularly large enterprises and government entities.
Commenting on the study, Stephen Love, security practice lead for EMEA at IT vendor Insight, said: "The ... study highlights a key issue in the business landscape - the fight against cyber crime needs to be collaborative. When trying to protect itself against malicious attacks on its network, a small business finds itself in a David versus Goliath situation. But work with thousands of other small businesses, enterprises and the government, soon the small business becomes the goliath."
"However, no business should rely on the actions of others," Love added. "It's too easy to let others fight the fight without getting your hands dirty.
"Collaboration is definitely key in the fight against cyber-attacks. However, this means every business needs to be doing everything they can to put the most effective processes and solutions in place to protect themselves, and not wait for someone else to win the battle."
2,000 days: the CIO's world in 2025
What the role of the CIO will look like in five years timeDownload now
The workers' experience report
How technology can spark motivation, enhance productivity and strengthen securityDownload now
6 best practices for escaping ransomware
A complete guide to tackling ransomware attacksDownload now
The IT roadmap from modernisation to innovation with consistent hybrid cloud
A guide to a modern, cloud-enabled IT infrastructureDownload now