Cybercriminals continue to squeeze the life out of SMEs

Gone are the days of swag bags and face masks, your modern-day criminal is difficult to spot in most cases, impossible to even identify. No longer are they lurking outside your door as it would seem they are progressively switching the use of a crowbar to a laptop or smartphone – something just at the end of their fingertips to be used without having to leave the comfort of their own home.

SMEs are increasingly being targeted by fraudsters and hackers trying to withdraw money from the business. Gone are the days of the criminal leaning over the counter and removing money directly from the till as they employ skils and techniques akin to those in a Holywood movie, targetting businesses and finding their weaknesses, exploiting them for money wherever possible.

Research from Beaming has revealed that two-thirds of UK companies, employing between 10 – 49 people, fell victim to some kind of cybercrime last year. The costs for a small business can be huge and many will be unaware of the impact an attack can have. Damaged assets, financial penalties, business downtime/interruption, ransom-demands and IT forensics are just some of the costs of a serious cyber-attack and on average amount to anywhere in the region between £65,000 and £115,000 for small business.

The cost of cyber-crime to SME in the UK in the last year is estimated at £13.6bn, around 80% of the costs registered by businesses both large and small. In the national press, cyber-crime against small business is largely overlooked, with incidents to hit corporate and conglomerate businesses ever reported. This fuels the misconception that the chance of this happening to your business unlikely.

Larger businesses may fall victim at a faster rate due to increased risk exposures, such as the larger turnover of employees which increases the potential factors of vulnerability. However, they also implement multiple layers of protection to limit the spread of an attack and at the same time will have thorough disaster recovery programmes in place. Smaller businesses, on the other hand, will be targeted for technical weaknesses, in company networks, systems and employees.

So, what can SMEs do to protect themselves?

We urge smaller businesses to adopt a Prevent and Protect to covering off any exposure to cyber-risks and potential attacks. It is crucial that your systems are protected and monitored and if you have any concerns in what you currently have in place, we urge you to consult with your IT solution providers, should you have one.

Being proactive and tackling the risks head-on is essential but it cannot guarantee with a 100% certainty that an attack will be prevented. For that reason, you should consider ensuring that you have Cyber insurance in place. Insurance solutions can be provided for all kinds of scenarios but crucially the insurance will protect the longevity of your business and cover any potential outlay and costs of a cyber-attack.

It is important to maintain and obtain a balance between Prevention and Protection of your cyber risks. We recently conducted a webinar as part of our Cyber Loss Prevention Forum and this is available free to all here.