Small businesses failing to protect themselves from growing threat of cybercrime


The survey of 250 small businesses reveals that just one in five see cyber security as a top business priority, whilst one in ten have never invested in improving the security of their website. This is despite the impact of a cyberattack costing UK small businesses on average between £75,000 and £311,000 in lost sales, business disruption, recovery of assets, fines and compensation.

As a result of not taking measures to protect themselves, businesses are leaving themselves open to potential threats. Almost half have been hit by at least one cyber-attack in the past year, with one in ten experiencing more than four attacks. Almost one in five admit that they were only prompted to review their cybersecurity when they were hit by an attack.

The research found the majority of SMEs are concerned that could be at risk from an attack, but many lack the knowledge and expertise to know how to better protect their business online. Only one in eight claim to be confident that they understand enough about cybercrime to protect their business, and just one in six are very confident that they have adequate measures in place.

Despite their lack of expertise in how to mitigate against cybercrime, more than four in ten  of SMEs acknowledge that the responsibility for protecting their company online lies in their own hands. However, support from third parties is also key. A quarter admit they lean on their website host and see it as their responsibility to provide support and more than one in ten think it is the responsibility of their payment provider to protect businesses from an attack.

Paul Clarke, Product Director at Barclaycard, said: “Businesses of all sizes face a constant and growing threat from cybercrime. As our research shows, many small businesses are failing take the necessary precautions, either because they don’t know how to protect themselves or, more worryingly, because they don’t think they need to. At Barclaycard we work with our customers to ensure they are aware of the growing threats they face and understand how they can protect themselves from cyber threats.

“Cybersecurity is not a one-off investment that can then be forgotten about, especially as criminals are becoming increasingly sophisticated in the way they target businesses. For fifty years we’ve been working in partnership with customers to ensure they are not only putting the right measures in place from the outset, but are also continuously reviewing their policies to keep up with the latest industry developments.”