Why SMEs are at a higher risk to cyber crime

Preventing cyber crime has become a major consideration for small businesses in today's digital economy, but how can they actually do that?

Cyber crime is one of the biggest threats faced by businesses today. Research from internet provider Beaming shows that UK companies alone faced 146,491 attempted attacks in the second quarter of 2019, up from 52,596 in 2018.

This is particularly becoming a major challenge for small and medium-sized businesses. According to the Federation of Small Businesses, one in five SMEs have experienced a cyber attack in the past two years. An estimated 7 million attacks took place during this period, costing firms £4.5bn annually.

A recent study from security firm Webroot has also highlighted the growing danger to SMEs, claiming that they face a higher risk of attacks such as ransomware, phishing and social engineering. It found that 48% of small businesses have had to deprioritise areas that could help them grow in order to address cyber security issues and that 18% are having to spend an entire working day fighting cyber crime.

But what makes SMEs a bigger target for cyber criminals than larger and more established organisations? Paul Barnes, senior director of product strategy at Webroot, believes it is because they can no longer consider themselves too small to be targeted. He says: "In fact, they are facing the same risks as larger corporations when it comes to cybersecurity, thanks to the increasingly valuable data they hold.

"SMEs also have arguably fewer resources, smaller budgets and fewer skills available to defend against attacks. This makes it difficult for smaller IT teams to manage on their own, and leaves employees stretched thin and unable to devote the necessary time to many critical cybersecurity tasks. Cybercriminals are well aware of these vulnerabilities and also understand that SMEs can be a useful conduit to bigger, more valuable organisations via the supply chain."

He notes how bigger businesses are better equipped to identify and mitigate potential attacks. Barnes says: "In comparison, larger corporations have become increasingly more aware of the risks associated with cyberattacks and are implementing more sophisticated cybersecurity tools and techniques to make it difficult for cybercriminals to break through their defences."

A growing epidemic

To continue reading this article register now