Bridging the cyber gap: protecting our SMEs in the new world of work
Anne Sheehan, Director - Vodafone Business UK
The past 14 months have seen rapid transformation in the way we work, and while benefits can be seen, the move to remote working has also led to an unwanted increase in cyberattacks.
Almost a third of the small and medium-sized enterprises (SMEs) we spoke to for our latest report, Protecting our SMEs: Cybersecurity in the new world of work, said that they had seen an increase in threat activity since the start of the March 2020 lockdown.
We also discovered a disconnect amongst business leaders, who perceived their organisations to be much less vulnerable to cyber threats than they actually are. With fewer resources and financial reserves than their larger counterparts to withstand attacks, this is something that needs to be addressed, and fast.
New threats, new opportunities
It is a more critical time than ever for small businesses. Many have adapted their businesses to comply with lockdown restrictions, rapidly adopting new digital strategies and transforming their business models.
And while business continuity was rightly the focus area, now that these new systems are in place, it’s time to make sure your security matches these new ways of working.
The pandemic has opened the door to new phishing and ransomware attacks with criminals pretending to be government authorities sending ‘official’ COVID-19-related communications to target vulnerable businesses and to test cybersecurity architecture.
These attacks have been spurred on by home working, which weakened defences, leaving many companies without the usual protections provided by their central offices.
With the financial damage of a successful cyberattack averaging £3,230 to its victim, our report found that this would cause almost a quarter of UK SMEs to collapse and 16 per cent more having to lay off staff.
But there are steps SMEs can take to protect themselves. From better training, to tightening up authentication processes with either multi-factor authentication or Zero-Trust models.
Prevention over cure
This can be a daunting process though, as many smaller businesses believe it’s too complex to implement or is too expensive and solutions might not focus on their needs.
As such, currently 30 per cent of small businesses have no form of cybersecurity strategy in place whatsoever.
In London, 18 per cent of businesses indicated they had no cybersecurity protection in place, and in the East of England it’s at 20 per cent. This jumps up in Wales (40%) and amongst businesses in the North East (32%).
In addition, only 59 per cent of all businesses surveyed believe the investment in cybersecurity to be worth the money.
Our report also found that SMEs are 15 times more likely to suffer a cyberattack than a fire or theft, yet they are still more inclined to invest in comprehensive protection measures against physical damages rather than digital threats.
When it comes to remote working, businesses are also expecting employees to have their own cybersecurity protections, yet a fifth of businesses said that they had done nothing to encourage homeworking staff to take steps to improve their cybersecurity.
A lack of understanding of the extent of the threat is compounded by a low awareness of Government cybersecurity schemes too.
The role of the government
The UK government has taken strides in recent years in the field of cybersecurity, establishing the world-class National Cyber Security Centre (NCSC) to mitigate cyber threats across the country and developing the National Cyber Security Strategy to improve the security and resilience of national infrastructure.
However, according to the Government's 2020 Cyber Breaches Survey, only 23 per cent of small businesses are aware of the UK Cyber Essentials scheme, the Government-backed standard which provides a basic level of protection against cyberattacks.
With 16.8 million people employed by the UK’s almost six million SMEs, protecting these businesses is not only important for the businesses themselves but also for national economic recovery, regional growth and wider supply chains of which SMEs are a key part.
In late July 2020, Simon Clarke MP, then Minister for Regional Growth and Local Government, recognised the economic contribution of SMEs and demonstrated the government’s readiness to support them by announcing £20 million in new grant funding to help SMEs across England recover from the COVID-19 pandemic.
Building back better
This is a great start. But there is more to be done and we’re working closely with governments to recommend further support, outlined in this latest report, but we also intend to play our part.
Working with Accenture, we’re offering new managed security services to SMEs throughout Europe, to help businesses detect, respond to and recover from cyberattacks.
We also launched V-Hub, a resource service covering topics such as website construction, security, remote working and digital marketing, so our customers can operate in a more digitalised world. And this is just the beginning.
We understand that no two SMEs are the same and that each has different needs and challenges. Which is why we take the time to understand your business, offering technology solutions that will help you grow and succeed.
Sharing peer-to-peer inspiration stories and giving access to thought provoking content from business leaders and experts, are just two examples of how we plan to support our SME community to learn and grow with one another.
Together we can build back better and stronger, creating a future where all businesses can grow and thrive, no matter their size.
View more Vodafone Business content here