Small businesses spent £13.6 billion recovering from cyber crime in 2018

One in three UK companies fell victim to cyber attacks in 2018, with the majority of the damage occurring in small businesses, according to a report by Beaming.

The study found that cyber crime cost UK organisations £17.8 billion last year, of which £13.6 billion came from small businesses.

The average cost of a cyber attack for small businesses was £65,000 per victim. This accounts for damaged assets, financial penalties and business downtime.

Small businesses are becoming more vulnerable

Large organisations have always been the most likely target of cyber attacks. That remains true, according to Beaming’s study, with 70% of large organisations falling victim to an attack in 2018, compared to 63% of small organisations. However, in 2017 only 47% of small organisations were attacked, meaning the gap is narrowing.

That, along with the fact that small organisations make up the majority of UK businesses, explains why they contributed so much towards the cost of cyber crime last year. After all, multiple small breaches are more expensive to handle than one incident affecting the same number of people because standard processes – like detection and breach notification ­– are largely the same regardless of the scale of the incident.

Sonia Blizzard, managing director of Beaming, said: “Our research shows that cyber criminals don’t care how big your business is, everyone is a potential victim and the cost of an attack can be devastating. Larger businesses fall victim at the greatest rate because they have more people and more potential sources of vulnerability.

“However, they also tend to have multiple layers of protection in place to limit the spread of an attack and are able to recover more quickly after one.

“Small businesses are trusting more data to the cloud and accessing it from lots of locations. This provides greater flexibility and efficiencies, but also adds to the importance of ensuring data is held and transported securely.

“A specialist ISP can help here by managing a network with the security of business traffic in mind, assisting with the implementation of additional security measures such as managed firewalls and provide advice to clients to enhance the protection on offer. When choosing cloud products, businesses should ensure they have the right connectivity to go with it.”

Subscribe to the GRC Weekly to receive the latest cyber security news and advice >>

No Responses