Small businesses are losing £800m a year due to cybercrime in the form of fraud and online scams, according to a new report by the Federation of Small Businesses (FSB).
The report by the organisation of 2,667 companies found that 41 percent had been hit by cybercrime scams in the last 12 months, with the average cost of an incident pegged at £4,000. Many of these scams are fraud carried out by someone posing as a customer or client, or by a ‘card not present’ fraud.
Online issues also abound, with 20 percent of firms reporting virus infections on their networks and eight percent hit by hacking. Five percent were affected by wider security breaches on data.
The FSB said the information is worrying for two reasons: because it shows that risks exist online for small firms, and because other small firms not yet currently trading online will remain sceptical of doing so, despite the larger and long-term economic benefits of doing so.
Mike Cherry, national policy chairman at the FSB summed up the issues when unveiling the report. "Cyber crimeposes a real and growing threat for small firms and it isn't something that should be ignored. Many businesses will be taking steps to protect themselves but the cost of crime can act as a barrier to growth,” he said.
“For example, many businesses will not embrace new technology as they fear the repercussions and do not believe they will get adequate protection from crime. While we want to see clear action from the government and the wider public sector, there are clear actions that businesses can take to help themselves.”
In order to give businesses more help in protecting themselves against cybercrime, the FSB produced a guide for firms. This includes basic measures such as running security tools, applying updates to software and devices, ensuring a resilient password policy and securing any wireless networks.
The rest of the measures are as follows:
- Implement clear and concise procedures for email, internet and mobile devices.
- Train staff in good security practices and consider employee background checks.
- Implement and test backup plans, information disposal and disaster recovery procedure.
- Carry out regular security risk assessments to identify important information and systems.
- Carry out regular security testing on the business website.
- Check provider credentials and contracts when using cloud services.
The FSB also encouraged the government to do more to help small businesses arm themselves against cybercrooks, and Home Office Parliamentary under secretary for security, James Brokenshire, said the report would help shape its policy in this area.
"This is a crucial part of the Government's National Cyber Security Strategy and we need to make sure that all businesses, large and small, are engaged in implementing appropriate prevention measures in their business," he said.
"This report will help give a greater understanding of how online security and fraud issues affect small businesses, giving guidance as well as valuable top tips to protect their business."
The FSB findings match those by the the government earlier this year when it said breaches at small firms could cost as much as £65,000 per incident.
Use the same password for every website? It might be time to change them all
Applicants for parking bay suspensions put at risk of credit card fraud by Islington Council
Robert Swan appointed interim CEO after Brian Krzanich's departure
Should you link your data sets to add value, or leave them separate to reduce risk?