Why micro SMEs are still not taking cyber security seriously enough

By Julien Parven

A recent survey of 2,000 UK businesses looking at digital transformation showed the number of businesses with formal strategies had doubled over the last year to 63%. However, businesses with less than 50 employees lagged behind with 64% not having a formal plan, compared to 91% of those with 500+ employees.

According to the survey by Daisy Group, part of the disparity is that modern smaller businesses are often born in the cloud, unburdened by old legacy systems. SOHO businesses are built around being mobile, with laptops, tablets and other portable devices working between home and office, increasingly located in flexible workspaces or even coffee shops. While they may not need wholesale digital transformation, from experience, one area they are often behind larger SMEs is cyber security.  The good news is the survey showed the number of smaller businesses of 100 or less people looking at cyber security increased from 20% to 31%. But this needs to be higher still.

This is because the flipside to mobility is smaller SMEs are more acutely at risk of cyber criminals and the impact more devastating. The average cost of a cyber attack is estimated to be in excess of £10,000. A business of 500 people will survive but a new business of less than 10 people? The traditional office environment may be staid but it comes with dedicated IT resource who ensure all the latest security patches are applied and closely monitor who is accessing sensitive data.

Smaller businesses need to replicate this.  What is stopping them is a combination of lack of time and focus.  Time spent on IT is seen as time not spent making money. However, it needn’t be and there are tools out there that help. The advice for micro SME’s is threefold.

First, be aware.  SMEs must set aside time regularly to consider security or look to get support from service providers like Daisy who can take on the task.

SME Publications/ SME XPO 2024

Second, protect all devices.  In a small business, the distinction between the work and home devices is blurred. If you are going to be accessing data or sending files from your phone or tablet, it needs to be as protected as your laptop.

Third, to secure your organisation, you need to secure your data.  If valuable information is not in the cloud, it should be.  You are safe against losing it but you still need to think about security. At home, you may be protected when you download files but what about when you are out and about?  Sat in a coffee shop, someone can easily hack your data while you access it unless you put protections in place.

Technology has been a fantastic enabler of exciting new businesses. The fact that people can so easily access software and services via the cloud has meant more and more people working flexibly.  This is great news but flexibility shouldn’t be at the expense of security. It’s cheap and simple to achieve both with the right help and can be the difference between success and failure.

Julien Parven is SMB Marketing Director, Daisy Group.  Daisy’s annual digital transformation survey can be downloaded here



SME Publications/ SME XPO 2024