As business are moving more and more to emphasise their online presence, (for example online retail has over taken store retail), the threat and frequency of cyber-crime has increased. In an effort to counter this, the UK government have announced an extra 1.9billion spending on cyber defence to help protect infrastructure and businesses. Therefore, I felt it necessary to discuss why it is important for small and medium business (SME) owners to take notice of the possible cyber threats to their businesses, as well as detailing them.


Cyber-attacks against SMEs have risen drastically over the last few years as reported by the guardian, with the telegraph reporting nearly 50% of attacks are targeted at small businesses.  There are several reasons for this. The “We’re too small, it’ll never happen to us” mentality detailed by the guardian has exacerbated this rise as pointed out by Sarah Green, a cyber security expert and business manager for Cyber Security at Training 2000:



“Hackers prey on the knowledge that small businesses tend to have lower defences than larger organisations, usually due to lack of financial and human resources. By their very nature, thriving small businesses are innovative and niche, which again is very attractive to the bad guys who may be interested in customer data and intellectual property and know exactly how to pick out the weak targets.”


Statistics gathered by KMPG and the UK governments becyberstreetwise initiative show that 50% of SMEs have been the victim of a cyber attack and over 60% of those attacked go out of business. In other words, cybersecurity should be a critical concern to your business.

There are a number of potential effects of cyber attacks to businesses. For example it could drastically effect your reputation to both you clients and even to the general public, with the KMPG report stating that a “majority (89%) felt the attack impacted their reputation” and “83% of consumers surveyed are concerned about which businesses have access to their data and 58% said that a breach would discourage them from using a business in the future.”


There could also be legal ramifications to a poor approach to cyber security, in the UK most notably it could lead to your organisation being in breach of the data protection act, with the ICO being granted permissions to issue fines of up to £500,000, with over £2,000,000 being collected in 2015.

Ultimately a cyber breach will lead to a loss in business and a loss in revenue with victims reporting (in the KMPG study) brand damage, loss of clients, hindrance in their ability to attract new clients, and the ability to win new business as effects of their attack. It is evident that this is an important issue.

To further illustrate the point, you need to look no further than the case given in the guardian article, that of MNH Platinum. Where due to a click of a link In an email they lost access to critical company data and was forced to pay a ransom to the attackers. This attack was still relatively minor to some of the other stories out there.

The question of what can be done to protect yourself and your business is one much bigger than the scope of this blog post, but I will try to identify a few things that you can do to try to mitigate the risk of a cyber attack.

A good starting point is to read the National Cyber Security Centre’s 10 Steps to Cyber Security, this should give you a good overview of the services that are available and the risk that your business faces, if your business handles peoples data, making sure you adhere to the data protection 8 principles is a must. The Governments cyber streetwise campaign is also another great resource for businesses looking to secure their business.

In short no matter the size of the business cyber security is important, and as a SMB owner you should be taking all steps necessary to protect your business.

If you would like any advice on Cyber Security or think you’d like some help, check out Indiespring’s work on Cyber Security or Get In Touch with us.