With the country being encouraged to work from home once again, new research has revealed a significant proportion of small businesses are potentially sleep walking into danger without the right contingency plan in place to deal with a cyber-attack.
A survey by Hitachi Capital Business Finance of over 1,000 small business senior decision makers found that around three quarters (73%) of remote working businesses said they did not have a contingency plan to prevent and manage a cyber-attack, while two in five (38%) of these businesses admitted they had not even given the prospect of a cyber-attack much thought.
The results come at a time when ransomware attacks in the UK have doubled in a year, according to the GCHQ, with the director of GCHQ, Jeremy Fleming, saying cyber-crime is “largely uncontested” and “highly profitable” to criminal organisations*.
In the past year, just 23% of businesses planning to work remotely long term had invested in new software.
Smaller businesses were found to be more at risk. Those with fewer than 10 employees were 20% more likely to be at risk from the damaging effects of a cyber-attack, according to the research. Four in five (83%) micro-businesses said they did not have a cyber-attack plan (with over a third (37%) admitting they had not given it much thought), compared with 67% of businesses with more than 50 employees.
By sector, the results suggested that those in media and marketing were among the most at risk. Over two thirds of small businesses in this sector planned to work remotely for at least the next six months, however 83% had no cyber-attack plan in place (with a third admitting they had not given the issue much thought). Similarly, for those in retail (56% working remotely), 83% had no plan in place (with a quarter admitting they had not given the issue much thought).
In terms of tech sophistication, 44% of remote working small businesses felt they were not using technology operationally each day to its fullest extent. Of these around 10% admitted that their tech capabilities held them back as a business, while the remainder believed they were behind the leaders in their market.
Joanna Morris, Head of Insight and Marketing at Hitachi Capital Business Finance, commented:
“The latest guidance encouraging businesses to work from home brings into focus the need for effective measures to counter and manage cyber attacks. Greater reliance on systems that enable businesses to continue to operate remotely could potentially expose areas that could be exploited. This, coupled with the fact that ransomware attacks are rapidly on the increase, should mean alarm bells for many small businesses.
“The fact that so many businesses working remotely do not have the right plans in place, or have even given this much thought, is a concern. Not keeping websites and systems up to date could allow hackers to steal staff, client or customer data, or damage a business’s reputation. The costs of repairing this can easily run into six or more figures. Investing in proper security systems needs to be at the top of a list of priorities. Only with this peace of mind will it be possible to plan effectively for the long term.”