It may seem like cybercrime is something that only big corporations should be concerned about, but that couldn’t be further from the truth. Statistics show that small and medium-sized enterprises (SMEs) in the UK are routinely targeted by cybercriminals – and the financial repercussions are evident. From phishing scams to ransomware, what exactly is cybercrime and how can you protect your business?
The Threat of Cybercrime to SMEs
UK SMEs are under mounting pressure, especially with cybercrimes on the rise. A recent Vodafone report puts annual losses at around £3.4 billion, mainly due to gaps in cybersecurity, including lack of training and weak protective measures. Smaller businesses face average recovery costs of £3,398, rising to £5,001 for slightly larger SMEs.
Research recently shared by BT shines a light on how widespread the threat really is. Nearly 42% of small businesses and 67% of medium-sized ones suffered cyber attacks in the past year. However, 39% of SMEs admitted they’ve never organised any cybersecurity training.
Serious security breaches can often take months to recover from, with phishing scams remaining the most widespread threat, targeting about 85% of UK businesses. Ransomware incidents are also rising fast, more than doubling in just one year. Another emerging tactic is “quishing” (QR‑code phishing), which has surged by 1,400% over five years.
These figures tell a stark story: SMEs are vulnerable and valuable targets. But here’s the good news: simply adopting basic cybersecurity measures could reduce risk by up to 75%, potentially saving an average business £3.5 million over a decade.
What SMEs Can Do to Stay Safe
Improving your cyber resilience doesn’t require an army of experts or an endless budget. A few simple steps can make a big difference.
Give your team cyber training. Awareness is a crucial and simple first step. Even basic sessions help staff spot phishing attempts and suspicious activity. BT’s findings highlight how neglected this area is, but equally how transformative it can be.
Implement ‘foundational controls’. Simple, yet essential, measures such as firewalls, antivirus software, strong passwords, and regular backups go a long way. These are low-cost but highly effective protections.
Consider Cyber Essentials certification. The National Cyber Security Centre (NCSC) reports that businesses which adopt the Cyber Essentials framework are 92% less likely to file a cyber insurance claim. Uptake is surprisingly low – only 35,000 of the UK’s 5.5 million businesses hold the certificate.
Explore cyber insurance thoughtfully. Many policies include preventative support, risk assessments, crisis assistance, and training. For small businesses (less than £1 million turnover), premiums typically range between £500–£3,500 annually; for larger SMEs (£1–£10 million), it’s more like £3,500–£10,000.
How Warr & Co Can Help
At Warr & Co, we understand that your focus, and expertise, is on running your business, not tackling cyber threats. That’s where we come in, giving you peace of mind from a financial perspective, so you can focus on what you do best.
Our friendly team of experts can help you invest wisely in the right tools so you’re lowering cyberattack risks as cost-effectively as possible. We’ll also work with you to ensure your business is matched to the right insurance policy, balancing coverage limits, premiums, and valuable add‑ons like incident response help.
Cybercrime may be on the rise, but that doesn’t mean you need to worry. With the right strategy, training, and support, your business can not only survive, but thrive in this digital world. Get in touch now for more advice.
©2024 Warr & Co Chartered Accountants. Warr & Co Chartered Accountants is a member of The Institute of Chartered Accountants in England & Wales (ICAEW). Whilst the information detailed here is updated regularly to ensure it remains factually correct, it does not in any way constitute specific advice and no responsibility shall be accepted for any actions taken directly as a consequence of reading it. If you would like to discuss any of the points raised and / or engage our services in providing advice specific to your personal circumstances, please feel free to contact any one of the partners or consultants on 0161 477 6789 or contact us via our website forms. A full list of our directors is available at our registered office. Warr & Co Chartered Accountants are registered to carry our audit work in the UK, our audit registration number is C002961684, for more information please visit www.auditregister.org.uk.