The reputation of a small business is its most valuable asset but cyber-crime is threatening to ruin it
15 May 2017
By Sue Terpilowski OBE, FSB London Chairman -This article was first published as a blog post in April 2016.
For the business world cyber security is now very much at the forefront of our minds after a tumultuous 2015 in which high-profile hacks barely left the headlines. The problem is that these headlines have created a ‘head in the sand’ mentality for smaller businesses. Too many wrongly assume hackers will not target them, and should they fall prey to a similar hack, they aren’t thinking of the damage to their reputation that could be caused. In fact, recent research from the Federation of Small Businesses show that two thirds (66%) of those surveyed by FSB have been a victim of cyber crime in the last two years.
Make no mistake, while a big brand name experiences a big loss of confidence when security is breached, it is nothing compared to what will happen to a smaller name. For businesses who rely on word-of-mouth and are operating on the slimmest of profit margins, the impression that you or your colleagues are careless with cyber security can be fatal. It doesn’t matter how quickly you implement your new security software – you will be forever associated in the minds of procurement managers and consumers alike with the consequences of a cyber breach, whether that’s phishing emails, service disruption or the like. Customers know they are taking a risk by offering up their data to you, and they won’t forgive you quickly if it gets lost.
The picture of small business owners ignoring this most crucial of threats was made clearer when Cyber Streetwise and KPMG released a report recently with some worrying figures: while 58% of consumers (and, in another KPMG report, 86% of procurement managers) would be discouraged from using a business in the future if that business had experienced a cyber breach, less than a third of small business owners surveyed thought of this reputational damage as an “important” consideration.
The majority (89%) of small businesses surveyed by KPMG who have experienced a breach felt the attack impacted their reputation in some way. Yet, their survey revealed half of small businesses (51%) thought it unlikely or very unlikely that they would be a target for an attack and only a third (33%) felt “completely prepared” for a cyber security breach.
Clearly on cyber security there is a huge distance between what SMEs are thinking about and what they should be thinking about. Cyber security needs to become not just a niggling, reactive concern for small businesses but a key prong in their strategy for competitiveness. Customers expect high standards of security, and feeling like a small fish in a big pond is no excuse for not providing it. A good reputation for security and trustworthiness is the bedrock of SME growth, and if it is treated as an optional extra our small businesses will suffer ever more as time goes on.
Cyber Streetwise, a cross-government campaign funded by the National Cyber Security Programme, helps small businesses avoid putting their reputation at risk by recommending they follow these three simple steps to protect their data:
- Use strong passwords containing three random words
- Install security software on all devices
- Always download the latest software updates
Hardly a daunting list, and a great asset to your company’s standing at no extra cost.