Small businesses hit hardest by £17bn of cyber crime in 2018

Almost two-thirds of UK companies employing between 10 and 49 people – the equivalent of 130,000 businesses nationwide – fell victim to some form of cyber crime last year, Beaming’s annual survey showed.

The average cost of cyber attacks on small businesses amounted to £65,000 per victim in damaged assets, financial penalties and business downtime. This puts the total bill of cyber crime across all UK small businesses in 2018 at an estimated £13.6 billion.

Beaming’s survey of business leaders, which was conducted by the research consultancy Opinium, indicates that a third (33 per cent) of UK companies fell victim to cyber crime in 2018. While malicious phishing emails claimed the greatest number of victims (25 per cent of firms), ransomware attacks were the most financially damaging, costing victims £21,000 each on average.

Although the trend for large businesses to fall victim at the highest rate continued, with seven in every 10 companies of more than 250 people being hit, the rate at which small companies succumbed to cyber criminals reached its highest level since Beaming started surveying business leaders in 2016.

Sixty-three per cent of small businesses reported being a victim of cyber crime in 2018, up from 47 per cent of small businesses in 2017 and 55 per cent in 2016. The proportion of small business victims exceeded that of medium sized organisations (61 per cent) for the first time in 2018.

"Our research shows that cyber criminals don’t care how big your business is, everyone is a potential victim and the cost of an attack can be devastating," said Sonia Blizzard, managing director of Beaming.

She explained that small businesses are trusting more data to the cloud and accessing it from lots of locations. This provides greater flexibility and efficiencies, but also adds to the importance of ensuring data is held and transported securely. 

"A specialist ISP can help here by managing a network with the security of business traffic in mind, assisting with the implementation of additional security measures such as managed firewalls and provide advice to clients to enhance the protection on offer. When choosing cloud products, businesses should ensure they have the right connectivity to go with it," Ms Blizzard suggested.