grandeduc - Fotolia

Channel customers in the cyber criminal crosshairs

A report from the FSB highlights just how many smaller firms are being hit by cyber crime underlining a sizable channel opportunity

The phrase "SME security attacks" can usually be translated into an opportunity for the channel because those customers do not have the luxury of banks of IT staff fending off the hackers.

So it is no wonder that comments about the level of attacks that its members face from the Federation of Small Business (FSB) have been siezed on by many in the industry.

Not only does the FSB report highlight the problems that SMEs are having with cyber crime but reverses the idea that the burden of attacks are being carried by large enterprises.

The report, ‘Cyber Resilience: How to protect small firms in the digital economy,’ stated that smaller firms were collectively attacked seven million times per year, costing the UK economy an estimated £5.26bn.

The FSB stated that the cost of cyber crime was disproportionately more for small firms compared with larger enterprises, when adjusted for organisational size.

Even though many firms (93%) have moved to protect themselves two thirds were hit by cyber crime in the last two years and on average those attacks have cost them £3,000.

“The digital economy is vital to small businesses - presenting a huge opportunity to reach new markets and customers - but these benefits are matched by the risk of opportunities for criminals to attack businesses," said Mike Cherry, FSB national chairman.

“Small firms take their cyber security responsibility very seriously but often they are the least able to bear the cost of doing so. Smaller businesses have limited resources, time and expertise to deal with ever-evolving and increasing digital attacks," added Cherry.

The response from the industry was to agree that SMEs were not in a position to deal with the problems on their own and they had to turn to specialists.

"The Federation of Small Businesses (FSB) study highlights a key issue in the business landscape – the fight against cyber-crime needs to be collaborative. When trying to protect itself against malicious attacks on its network, a small business finds itself in a David versus Goliath situation. But work with thousands of other small businesses, enterprises and the government, soon the small business becomes the goliath," said Stephen Love, security practive lead EMEA at Insight.

"No matter their size, small businesses need to take proactive steps to protect their assets from cyber-criminals.  This includes something as simple as updating operating systems. You will be surprised how many small businesses are still running old operating systems on their IT networks like Windows 2003. Any servers still running this programme cannot host new antivirus software and remain unpatched, so are vulnerable to attacks," he added.

Andy Herrington, head of cyber professional services in UK & Ireland at Fujitsu, said that small firms were often an entry point for larger organisation supply chains and as a result the size of the business was not a defence against the criminals.

“To combat today’s threat, small businesses should take a proactive approach when it comes to security. Implementing a basic security framework through understanding the threat will allow them to get on the front foot in combating attacks, ensuring that these threats don’t come to pass. In parallel, small businesses need to look at embedding baseline security education early on to ensure everyone is engaged and part of the overall organisational resilience," he said.

Read more on Threat Management Solutions and Services