The UK private sector relies almost entirely on SMEs (companies that employ up to 249 employees). According to the Department for Business, Innovation & Skills, SMEs accounted for 99.9% of all private-sector businesses and 15.6 million jobs in 2015 (three fifths of all private-sector employment in the UK).
Their contribution to the national economy is huge – the annual revenue of SMEs in the UK was £1.8 trillion in 2015, 47% of all private-sector turnover. Since 2000, there has been steady growth in the private-sector business population in the UK, and it is predicted to grow even more in the coming years.
Cyber criminals look for SMEs for three reasons
In spite of these positive stats, SMEs don’t do so well when it comes to cyber security. They are not concerned by, nor prepared for, cyber threats – and their apathy is founded on three false beliefs:
- We are too small to be appealing – Not so: many SMEs are exploited by cyber criminals to gain access to bigger organisations that the SMEs supply.
- We don’t have anything worth stealing – It’s more likely that they underestimate the value of their assets.
- We have nothing to lose – Except their reputation. For SMEs especially, reputation is the foundation of securing new and ongoing business.
In order to reduce cyber crime in line with the National Cyber Security Strategy, the UK Government is urging SMEs to adopt the Cyber Essentials scheme as a means of establishing basic cyber security. Around 80% of Internet-based threats could be prevented by implementing just five security controls. But there’s more than that: implementing these controls allows companies to improve business efficiency by cutting costs or making the most of their resources.