New research from the Federation of Small Businesses (FSB) shows that cyber crime costs its members around £785 million per year as they fall victim to fraud and online crime.
The report shows:
- 41% of FSB members have been a victim of cyber crime in the last 12 months, putting the average cost at around £4,000 per business.
- Around 30% have been a victim of fraud, typically by a customer or client (13%) or through ‘card not present’ fraud (10%).
For the first time, the FSB has looked at the impact that online crime has on a business. The most common threat to businesses is virus infections, which 20% of respondents said they have fallen victim to; 8% have been a victim of hacking and 5% suffering security breaches.
The FSB is concerned that the cost to the wider economy could be even greater as small firms refuse to trade online believing the security framework does not give them adequate protection. Indeed, previous FSB research shows that only a third of businesses with their own website use it for sales.
The report also finds:
- almost 20% of members have not taken any steps to protect themselves from a cyber crime
- 36% of respondents say they regularly install security patches to protect themselves from fraud
- almost 60% regularly update their virus scanning software to minimise their exposure to online crime
In response to this, the FSB has developed 10 top tips for small firms to make sure they stay safe online
- Implement a combination of security protection solutions (anti-virus, anti-spam, firewall(s))
- Carry out regular security updates on all software and devices
- Implement a resilient password policy (min eight characters, change regularly)
- Secure your wireless network
- Implement clear and concise procedures for email, internet and mobile devices
- Tran staff in good security practices and consider employee background checks
- Implement and test backup plans, information disposal and disaster recovery procedures
- Carry out regular security risk assessments to identify important information and systems
- Carry out regular security testing on the business website
- Check provider credentials and contracts when using cloud services
Launching the report at an event in London today, Mike Cherry, National Policy Chairman, Federation of Small Businesses, said:
Cyber crime poses a real and growing threat for small firms and it isn’t something that should be ignored. Many businesses will be taking steps to protect themselves but the cost of crime can act as a barrier to growth. For example, many businesses will not embrace new technology as they fear the repercussions and do not believe they will get adequate protection from crime. While we want to see clear action from the Government and the wider public sector, there are clear actions that businesses can take to help themselves.
“I encourage small firms to look at the 10 top tips we have developed to make sure they are doing all they can. We want to see the Government look at how it can simplify and streamline its guidance targeted specifically at small firms and make sure there is the capacity for businesses to report when they have been a victim of fraud or online crime
James Brokenshire, MP Parliamentary Under Secretary for Security, Home Office, said:
Having personally been involved in the cyber security debate for several years now, I am pleased that the Home Office is working with the FSB to highlight the current experiences of small businesses.
“Cyber security is a crucial part of the Government’s National Cyber Security Strategy and we need to make sure that all businesses, large and small are engaged in implementing appropriate prevention measures in their business. This report will help give a greater understanding of how online security and fraud issues affect small businesses, giving guidance as well as valuable top tips to protect their business
David Willetts, MP Minister for Universities and Science, Department for Business, Innovation and Skills
The Department for Business, Innovation and Skills (BIS) published guidance in April 2013, ‘Small businesses: what you need to know about cyber security’, based on our comprehensive ‘10 Steps to Cyber Security’ guidance. This guidance sets out the current risks, how to manage these, and plan implementation of appropriate security measures.
“We know only too well of the importance of securing buy-in from both big and small business in implementing appropriate protection against cyber risks – business success can depend on it. Increasing security drives growth.
“I support all efforts, like the FSB’s, to provide clarity on the issues small businesses are facing, and more importantly, what they can do about them. I urge all small businesses to follow the FSB’s advice