Business owners already reeling from a Budget that contained little comfort for many firms have revealed a high level of fear of being hit by a cyber attack or data breach over the next year, according to new research* for Evelyn Partners.
Businesses already face a number of headwinds from rising employer National Insurance contributions, a hike in the minimum wage and more demanding employee rights, and it seems technological worries are adding to the burden. The UK-wide survey of 500 business owners with turnovers of £5m upwards reported that an alarming one in three [1](33%%) respondents believe a cyber attack or data breach is likely in their business over the next 12 months.
The research from Evelyn Partners’ professional services business - which will next year re-brand to S&W - also found that 1 in 5 businesses (22%) have reported being hit by a cyber attack or data breach in the past 6 months. Previously published research by Sky Business** suggests that cyber-attacked SMEs have estimated average losses of nearly £31,000 for each day they are forced to close, illustrating the damage that incidents can bring.
Stuart Whitehead, Partner in the cyber security practice at Evelyn Partners commented:
“It’s extremely worrying to see how many businesses fear they could be hit by a cyber security attack over the next year, not least given the significant cost, disruption and reputational damage that such incidents can bring. The high number of owners reporting that they believe a cyber attack is likely in the next 12 months suggests that many don’t have adequate measures in place to protect their businesses. This should be a wake-up call for businesses to put a plan in place to ensure their cyber defences are protected.
“Given all the other pressures on owners following the additional costs imposed on businesses by the Budget, a cyber incident is the last thing any firm needs at the moment. While the purse strings are tight for many companies at the moment, it would be a false economy to trim back spending on cyber defences in the current climate with attacks on the rise. Businesses that don’t invest in measures to prevent or minimise cyber security attacks risk losing customers if the services they provide are interrupted. In extreme cases, this could result in significant disruption and losses that could lead to going concern pressure.
“Cyber attacks have become more sophisticated and also more indiscriminate in recent years. While targeted attacks still persist, hackers can buy software and tools from the dark web, at extremely low cost. They can use without a lot of effort to indiscriminately target organisations to increase their chances of extracting cash from multiple targets. This leaves smaller businesses, who don’t have the luxury of large in-house teams of security experts, particularly vulnerable to attack.”
*The research was conducted by Censuswide, among a sample of 500 18+ UK Business Owners (Businesses with a turnover of £5m+). The data was collected between 18.09.2024-02.10.2024. Censuswide abides by and employs members of the Market Research Society and follows the MRS code of conduct and ESOMAR principles. Censuswide is also a member of the British Polling Council.
**Sky Business research: SMEs miscalculate the cost of cyber attacks on their business