Tue, 28 May 2024

Newsletter sign-up

Subscribe now
The House Live All
How the UK can unlock the opportunities of the global expansion of offshore wind Partner content
Home affairs
London Luton Airport expansion will help Luton soar Partner content
Press releases

We must give small businesses the support they need to stand up to cyber criminals


4 min read

For businesses up and down the United Kingdom, remote working is now the norm. A survey by the Office for National Statistics (ONS) shows that, for most of 2022, more than a third of workers in the UK were using a hybrid model of working.

Small and medium-sized businesses (SMEs) are no exception, but, for them, the rise in remote working comes with the clear and present danger of rising levels of cyber-crime.

The Cyber Security Breaches Survey 2022 report revealed just how bad the problem has become, with some 39 per cent of UK businesses having identified a cyber-attack in the past 12 months, and almost a third of businesses and over a quarter of charities having estimated that they were attacked at least once a week.

Too many SMEs still lack the awareness, skills and security measures to deal with cyber threats

Now, a new report by Vodafone further underlines the extent of the damage being inflicted by cyber criminals. The report indicates that the number of SMEs facing cyber-attacks has increased by 15 per cent in the last two years. It also demonstrates that too many SMEs are either insufficiently persuaded to put cyber protection in place or lack the knowledge and finance they need to take action. Nearly one in five SMEs said their business was not protected with cybersecurity software and a further 5 per cent did not know. Furthermore, only 28 per cent were aware of the government’s Cyber Essentials scheme – with more SMEs saying they had heard of a cybersecurity product that does not actually exist.

The rise in cyber-crime comes after Vladimir Putin’s invasion of Ukraine posed fresh cybersecurity risks, prompting the National Cyber Security Centre (NCSC) to warn businesses last year that now is not the time for complacency. “Your best long-term response to changes in cyber threat (without your staff having to work 24/7) is to permanently improve your organisation’s cyber security and resilience by building more secure networks and bolstering your resilience capabilities,” advised the NCSC.

In an ideal world, all businesses would have strong awareness of the risks and would show no hesitation when it comes to following the NCSC’s advice and investing in strong cyber security protection. But the urgent need to invest more in cyber security defences comes as many smaller businesses are feeling the effects of the increasing costs of living. Rather than investing in the future, too many small businesses have, instead, had to cancel, postpone or scale down investment or expansion plans. At the same time, too many SMEs still lack the awareness, skills and security measures to deal with cyber threats.

SMEs are the lifeblood of our economy, and it is vital that they are supported and encouraged to grow and, in turn, create jobs and wealth. With hybrid working here to stay, the government has a responsibility to make sure that we are doing all we can to protect SMEs, especially as the government put the average estimated cost of all cyber-attacks in the last 12 months at £4,200, up from £3,230 the previous year. While that might be small change to a major FTSE-100 company, it is enough to force many SMEs to lay off staff and, in some cases, close down altogether.

Thankfully, the government’s cybersecurity policy is world leading. Important government initiatives aimed at tackling cyber-crime at an SME level include the Cyber Aware campaign and the Cyber Essentials scheme. The nine regional Cyber Resilience Centres established across England and Wales can also play an important role in helping smaller organisations to make their cyber operations safer, more secure, and more resilient.

However, questions remain over whether enough SMEs are aware of the need to improve their digital skills, and how many know about the help available to make their cyber operations safer, more secure and more resilient. With too many SMEs still underestimating the threat level, Vodafone's report puts forward a number of solutions, including a cyber safe PR campaign to improve awareness.

Whatever approach is taken, one thing is clear: with so many SMEs knocked off course by the increasing costs of living, the last thing they need on their plate is a chaotic and costly cyber-attack. Having stood up for SMEs during the Covid-19 pandemic and, subsequently, with energy bill increases, we now need to ensure that all businesses have the help they need to stand up to cyber criminals.


Jane Hunt, Conservative MP for Loughborough.

PoliticsHome Newsletters

Get the inside track on what MPs and Peers are talking about. Sign up to The House's morning email for the latest insight and reaction from Parliamentarians, policy-makers and organisations.


Home affairs