The average cost of cyber attacks on small businesses amounted to £65,000 per victim in damaged assets, financial penalties and business downtime. The puts the total bill of cybercrime across all UK small businesses in 2018 at an estimated £13.6 billion.
Beaming’s annual survey of business leaders, which was conducted by the research consultancy Opinium, indicates that a third (33 percent) of UK companies fell victim to cybercrime in 2018. While malicious phishing emails claimed the greatest number of victims (25 percent of firms), ransomware attacks were the most financially damaging, costing victims £21,000 each on average.
Although the trend for large businesses to fall victim at the highest rate continued, with seven in every 10 companies of more than 250 people being hit, the rate at which small companies succumbed to cybercriminals reached its highest level since Beaming started surveying business leaders in 2016.
63 percent of small businesses reported being a victim of cybercrime in 2018, up from 47 percent of small businesses in 2017 and 55 percent in 2016. The proportion of small business victims exceeded that of medium sized organisations (61 percent) for the first time in 2018.
Sonia Blizzard, managing director of Beaming, comments: “Our research shows that cyber criminals don’t care how big your business is, everyone is a potential victim and the cost of an attack can be devastating. Larger businesses fall victim at the greatest rate because they have more people and more potential sources of vulnerability. However, they also tend to have multiple layers of protection in place to limit the spread of an attack and are able to recover more quickly after one.”
“Small businesses are trusting more data to the cloud and accessing it from lots of locations. This provides greater flexibility and efficiencies, but also adds to the importance of ensuring data is held and transported securely. A specialist ISP can help here by managing a network with the security of business traffic in mind, assisting with the implementation of additional security measures such as managed firewalls and provide advice to clients to enhance the protection on offer. When choosing cloud products, businesses should ensure they have the right connectivity to go with it.”