Cyber crime: Are you running an unnecessary risk?

It really could be you as 19,000 smaller UK businesses are hit by cyber crime every day, warns the FSB's Dave Stallon. Here's how to act now...

A staggering seven million cyber crimes are committed against smaller businesses in the UK every year. That’s 19,000 every day. On average, each of these incidents costs the victim nearly £3,000, and takes 2.2 days to recover from.

The digital economy is vital to smaller businesses, presenting huge opportunities to reach new markets and customers. Online selling, digital data, and digital communications have quickly become crucial to business success. Many new start-ups are digitally driven from the outset.

Risk of cyber crime attack is rising. Attackers are becoming more effective, whilst victims are becoming less able to discover attacks. Cyber crime is one of the fastest growing risks to small businesses, and one of the fastest growing areas of crime globally.

Time to protect your business

As a smaller business you should take basic cyber resilience precautions to help protect your business. These include:

  • Using computer securing software
  • Carrying out regular updates of your IT systems
  • Having a strict password policy
  • Having a crisis plan of what to do if you are attacked
  • Implementing processes that carry a recognised security standard such as ISO27001
  • And having a cyber insurance policy.

It may be no surprise that research by the Federation of Small Businesses (FSB) in 2016, found that 99% of the UK’s 5.4 million smaller firms rate the internet as being highly important to their business.

Two in three of these offer, or plan to offer, goods and services online. However, the countless benefits and opportunities brought about by the growing digital economy are matched by the risk of criminals attacking businesses digitally.

The biggest risks for small firms

The most common types of cyber criminal activities against smaller businesses are:

  1. Phishing emails (49%), where digital channels are used to deceptively obtain personal and financial information
  2. Spear phishing emails (37%), where the relevant email appears to be someone or an organisation the receiver knows
  3. Malware attacks (29%) against a computer, other device or network, by malicious software, such as viruses, spyware, Trojans, worms, and rootkits.
  4. For the retail and wholesale trade sector, CNP (card not present fraud) is added to the list, with 21% of smaller retail and wholesale traders reporting being the victim of this type of cyber crime.

Taking steps to protect your business by implementing cyber resilience measures, is undoubtedly a sensible move. However, smaller businesses are understandably focused on building their businesses and creating the jobs which drive economic growth. Whilst smaller firms take their cyber security responsibility seriously, they are often the least able to bear the cost of doing so.

Smaller businesses have limited resources, time and expertise to deal with ever-evolving and increasing digital attacks. Because of this, and as a result of the research we have carried out, FSB has, from spring 2017, introduced an inclusive cyber protection package to its Business Essentials members.

As well as including a cyber advice line and access to online information, the benefit includes basic cyber protection insurance cover (up to £10,000 protection for third party data and cyber liability claims). Members have an option to purchase a comprehensive package too.

Dave Stallon is commercial director at FSB, the UK’s biggest business group which has a national network of members. FSB is a member-led, not-for-profit organisation that offers its members a wide range of vital business services and advice, as well as a powerful voice in government. Find out more at


(will not be published)