SMEs Unprepared to Recover from an ‘Inevitable’ Cyber-Attack

While the threat of cybercrime is at the forefront of SME owners’ minds, ‘cyber recovery’ is not, according to a new study, The Business of Cyber Recovery, by PolicyBee. Five hundred UK SMEs were asked about their preparedness for cybercrime and its aftermath: one in three believe that a cyber-attack on their business is a matter of ‘when’ not ‘if’, and a quarter believe an attack is ‘likely’.

However:

  • 74% have not put any budget aside to deal with the aftermath.

  • 43% will react if and when a cyber-attack happens and have absolutely no plans in place.

  • Just 14% of all SMEs have a detailed plan which covers all bases and crucially have tested that plan.

Sarah Adams, cyber insurance expert, who commissioned the study for PolicyBee, said: “Large corporates will all have a ‘what if’ plan in place that has been stress tested via a crisis simulation or role play exercise. They will know exactly what to do in the event of a cyber-attack. However, small businesses seem to be chancing their luck and despite expecting to be hacked, aren’t preparing to be prepared.

“The difference between a large and small company is that at least in the short term, no single individual will lose their income in big business – but in a small business, their day to day livelihood could be altered dramatically within a scarily short space of time.”

Businesses in denial

Younger respondents seem more aware of potential cyber risks – as business owners get older they think a cyber-attack is less likely: 22% of 18-34-year-olds think a cyber-attack is unlikely; 41% of 35-54-year-olds and 56% of 55+-year-olds.

Business in the South West and East of England are most in denial of a cyber-attack – those in London and the NE are the most switched on.

Similarly sole traders believe they are least at risk from a cyber-attack: 71% say it is unlikely; 32% of businesses with 10-49 employees and one in five of businesses with 50-249 employees.

Adams continued: “More mature sole traders in the South West and East Anglia seem to be in the most potentially vulnerable group. If you are one of these people, it would be well worth looking at your business’s potential to become the next cyber victim, and how you’d continue to operate afterwards.”

[easy-tweet tweet=”Only 24% of IT businesses say an attack is unlikely ” hashtags=”Security, CyberAttack”]

IT and management consultant firms more switched on to cyber recovery

Interestingly, SMEs operating in the IT and management consultancy sectors had a much more realistic attitude to cyber-attacks:

  • only 24% of IT businesses say an attack is unlikely (48% say likely)

  • 16% of Management Consultants say an attack in unlikely (51% say likely)

According to PolicyBee, who provides cyber insurance and other business insurance to freelancers and small businesses, the study highlights the fact that SMEs are simply too busy running their day-to-day operations.

Adams concluded: “It’s not the usual case that all SME owner-managers are burying their heads in the sand, as the study shows some awareness of the possibility of an attack amongst some groups. It’s more that these busy owner-managers haven’t prioritised any time to deal with the aftermath of an attack. We’re all familiar with the terms cybercrime; cyber-attack; and hackers; but we need to make ‘cyber recovery’ part of the general discussion now too.”

+ posts

Newsletter

Related articles

Need to reduce software TCO? Focus on people

Investing in software is undoubtedly important for enterprises to stay ahead. However, the process is rarely a simple task for CIOs and IT leaders.

The future of cloud and edge optimisation

As more enterprises use multi-cloud and hybrid infrastructures, the danger of cost overruns and loss of control increases.

Here is how to stage a public cloud migration

As the relationships between CSPs and cloud providers are deepening, CSPs need to develop a clear strategy on how they add value to customer relationships.

The future of work is collaborative

As hybrid work models continue to gain traction, businesses will need to start implementing collaborative tools and processes to meet the needs and expectations of the upcoming workforce, seamlessly integrating them into existing workflows to enhance productivity and performance. Innovations in technology, including AI and machine learning, mean that organisations are in a better position than ever to shape the collaborative future of work – and with the right support in place, they can ensure that these digital tools continue to bring out the best in their workforce for years to come.

How Business Data Can Be Protected, Even with Remote Workers

According to a study conducted by OwlLabs, approximately 69% of survey respondents worked remotely during the pandemic or are now working from home since.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our Newsletter