Small firms lose up to £800m to cyber crime, says FSB

Cyber crime is costing small businesses around £785m a year, according to research by the Federation of Small Businesses

Cyber crime is costing small businesses around £785m a year as they fall victim to fraud and online crime, according to research by the Federation of Small Businesses (FSB).

The research, in collaboration with the Home Office and Department for Business, Innovation & Skills (BIS), shows that 41% of FSB members have been a victim of cyber crime in the past 12 months, putting the average cost at around £4,000 per business.

Around three in 10 members have been a victim of fraud, typically by a customer (13%) or through cardholder not present fraud (10%).

The study found that virus infection is the most common online threat, affecting 20% of respondents, compared with 8% reporting hacking attacks and 5% reporting security breaches.

The FSB is concerned that the cost to the wider economy could be even greater as small firms refuse to trade online because they believe the security framework does not give them adequate protection.

Previous FSB research showed that only a third of small businesses use their websites for sales.  

The study found that almost 20% of members have not taken any steps to protect themselves from cyber crime, but 36% said they regularly install security patches and almost 60% regularly update their virus scanning software.

"Cyber crime poses a real and growing threat for small firms and it is not something that should be ignored,” said Mike Cherry, national policy chairman at the FSB.

“Many businesses will be taking steps to protect themselves, but the cost of crime can act as a barrier to growth,” he said.

Top tips for trading safely online

  • Implement a combination of security protection software
  • Carry out regular security updates on all software and devices
  • Implement a resilient password policy
  • Secure your wireless network
  • Implement clear and concise procedures for email, internet and mobile devices
  • Train staff in good security practices and consider employee background checks
  • Implement and test backup plans, information disposal and disaster recovery procedures
  • Carry out regular security risk assessments to identify important information and systems
  • Carry out regular security testing on the business website
  • Check provider credentials and contracts when using cloud services

Source: FSB

Keep your business safe online

According to Cherry, many businesses will not embrace new technology as they fear the repercussions and do not believe they will get adequate protection from crime.

“While we want to see clear action from the government and the wider public sector, there are clear actions that businesses can take to help themselves,” he said.

Cherry called on small businesses to look at 10 tips drawn up by the FSB to ensure they are doing all they can to keep themselves safe online.

He said the FSB wants the government to simplify and streamline its guidance targeted specifically at small firms and make sure there is the capacity for businesses to report when they have been a victim of fraud or online crime.

James Brokenshire, parliamentary undersecretary for security, said the Home Office is working with the FSB to highlight the current experiences of small businesses.

"Cyber security is a crucial part of the government's cyber security strategy and we need to make sure that all businesses, large and small, are engaged in implementing appropriate prevention measures,” he said.

Image: iStockphoto/Thinkstock

Read more on Hackers and cybercrime prevention