Half of SMEs experience surge in cyber-attacks

Cyber-attacks against small and medium businesses in the UK soared by 15% during 2022, according to new research.

The research polled over 500 small and medium business owners across the UK and found that more than half (54%) had experienced some form of cyber-attack in the previous 12 months. 

This compares to similar research conducted by Vodafone a year earlier, which found 39% of SMEs had experienced some form of cyber-attack.

About 1-in-5 (19%) SMEs said that an average cyber-attack could cost their business up to £4,200, a loss they would be unlikely to bounce back from in the current cost-of-living crisis.

The rise in online attacks comes as Office for National Statistics (ONS) data indicates that more than a third of businesses in the UK now use a hybrid working model. The National Cyber Strategy 2022 has also stated that a growing dependence on digital technologies for remote working and online transactions has “increased exposure to risks”.

Despite such a finding, 18% of SMEs polled by Vodafone said their business was not protected with cybersecurity software, while 5% did not know if they had protection.

To ensure that more SMEs are protected from online attacks, Vodafone is calling on the government to do more to raise awareness of current initiatives to support the delivery of local cyber security skills. 

This should include providing the required funding to run a targeted ‘Cyber Safe’ awareness campaign for SMEs.

Andrew Stevens, Vodafone’s UK head of Small and Medium Business, said: “Last year we outlined the significant and detrimental impact of a cyber-attack on a small business, to the tune of up to £3,230 per attack. This figure has now subsequently risen to £4,200, which is a consequence from which most SMEs would not recover.”

“These findings reflect a lack of adequate skills and information to equip small business owners with sufficient protections, and while we welcome the progress that has been made by government with the establishment of nine regional Cyber Resilience Centres across England and Wales, it’s clear that more needs to be done to convince SMEs that they need to be investing in cybersecurity to protect their businesses, especially during a cost-of-living crisis where they are most vulnerable.”