Over 1 in five UK SMEs (21%) are worried that their business will not survive the current economic uncertainty or expect they will have to do something drastic to survive. This is according to a survey commissioned by CyberSmart and conducted by Censuswide.
The survey of a thousand SME senior leaders and decision-makers across the UK revealed that some SME senior leaders would go to great lengths to ensure the survival of the business, from engaging in cybercriminal activity and committing accounting fraud to neglecting compliance requirements.
Activities that SME senior leaders would consider engaging in, include:
Additionally, a third of SMEs have either decreased cybersecurity spending since the economic uncertainty or admitted to never really investing in it. In fact, as many as 42 per cent of SME senior leaders do not believe it is worth investing in cybersecurity, with over 1 in 5 (21%) believing they are not a target. A further 16 per cent claim it is not worth it because they have cyber insurance and 10 per cent assert it is not a priority. Only 25 per cent realised it was worth investing in cybersecurity because they could not afford to be breached.
Jamie Akhtar, CEO, and co-founder of CyberSmart said, “as a business owner myself, I can understand the pressure many SME decision-makers are currently facing to keep their companies running and ensure their employees are taken care of, all while budgets tighten. It is during these times that emotions run high, and people might make irrational decisions that go against their own, and their company’s best interest. It goes without saying that we would never condone criminal behaviour. Moreover, we would strongly recommend that businesses do invest in cybersecurity and compliance.
“The business ecosystem has become highly intertwined, so no business is immune from cyberattacks. In fact, SMEs could prove to be an easy entry point for cybercriminals looking to hit others within their supply chain, if they have weak cybersecurity postures. While cyber insurance is important for risk transfer, it should not be relied on either. A comprehensive and continuous cybersecurity and compliance strategy is needed to avoid the financial, reputational, and even, physical repercussions of a breach. Fortunately, there are solutions today that can help in doing so, without breaking the bank.”