However, for a small business focused on day-to-day productivity, growth and competitive advantage in a challenging economic climate, such threats can still seem completely irrelevant. Many small business owners believe that criminals have better things to do than focus their attention on small firms when there are large, wealthy enterprises to target.
In fact, recent research by a leading anti-virus software provider shows that over 80% of companies with up to 10 employees believe they are not a target for cyber attacks because they are too small or don’t have anything worth stealing.
This is not the case. In reality, any organisation can become a victim, regardless of its size. All organisations hold data that could be of value to cybercriminals or alternatively could be used to reach other companies or individuals.
As large enterprises invest in digital security and punishments become more severe for criminals – they are turning to smaller firms.
London’s smallest companies are increasingly reliant on the latest mobile devices and computing equipment, with two-thirds having internet-connected laptops, half supporting mobile and remote working, and a quarter allowing employees to use their personal smartphones for work.
Of course, these new technologies can offer immense potential for smaller firms. However, these can also introduce new and possibly unexpected IT security vulnerabilities. Between them, these devices hold confidential communications, customer, supplier and financial records, client work, designs, artworks and blueprints, appointment calendars etc. All data that is considered critical is vulnerable to hacking, whether as a direct or stepping stone attack to reach another organisation.
Despite these risks, many businesses do not appear to be adequately educated. Just one in four of the small business owners surveyed turn to an external IT professional for advice, while over a third try to sort any problems out themselves.
Although many small businesses illustrate naivety when it comes to cyber security, they certainly appreciate how vulnerable they would be if an attack was to happen. A third admit they wouldn’t know what to do if they had an IT security breach tomorrow, almost half would struggle to recover all the data lost, and a quarter admit they would be unable to recover any data at all.
One in ten of those surveyed accepted that it would probably cost them their business. But the general consensus appears to be one of “stick your head in the sand”.
The problem is that smaller firms often lack the IT expertise and resources they need to understand and address IT security issues, or to keep up to date with the rapidly growing and evolving threat landscape. This doesn’t mean that business owners need to become an IT security expert – help can be easily outsourced, using a company like totality services.
If you’d like any advice regarding cyber security for your London based business, please contact us.