Are SMEs taking the right precautions against cybercrime?

When big brands, such as Facebook, Spotify and British Airways, are hit by online criminal activity, it often makes headline news. However, just because attacks on SMEs and the self-employed aren’t as widely reported doesn’t mean they’re not happening. From hacking extortion to malware infection, to phishing scams, there is a wide range of cyber-attacks that can pose a threat to organisations of all sizes.

According to a study by insurance firm Markel Direct, over half (51%) of SME businesses and self-employed workers in the UK have experienced a cybersecurity breach. The most common attack is a malware/virus breach (24%), followed by a data breach (16%), and phishing attack (15%).

Lacking resources and cybersecurity expertise 

The findings were taken from a survey of 1000 SME firms and self-employed individuals in the UK, underlining fears that these organisations are at particularly high risk of cyberattacks due to lack of resources and cybersecurity expertise.

The study analysed the extent of cybersecurity measures that are in place for SMEs and the self-employed. 88% of respondents said they had at least one form of cybersecurity, such as antivirus software, firewalls or multifactor authentication, and 70% said they were fairly confident or extremely confident in their cybersecurity arrangements.

In addition, nearly a third (31%) revealed they conducted risk assessments and internal/external audits on a monthly basis. One of the main reasons for organisations not having cyber security measures in place was due to a perception of them being ‘unnecessary costs’, with 26% of respondents stating that this was why they had not implemented any within their business. 

The consequences of a cyber breach could be harder to recover for a smaller business

Of those who have cyber security measures in place, 31% said they conducted risk assessments and internal/external audits on a monthly basis. 53% of respondents said they already have antivirus/malware software in place, while 48% said firewalls and secure networks were other measures they had taken. Taking precautionary measures like this can help prevent cyber-security attacks from happening in the future.

A further 21% had arranged cyber insurance as a way to protect their interests in the event of a breach or threat. 

Rob Rees, director of direct and partnerships from Markel Direct, commented: “Cyber-attacks on the largest corporations are often headline news, especially in consideration of some of the major breaches that have happened over the last few years to well-known businesses and local authorities. However, SMEs and the self-employed are also at risk, and the consequences can be devastating to smaller businesses that may not be able to recover from the financial impact of a cyber-breach or losing the trust of their customers.”