Tuesday 9 March 2021 12:01 am

More than 1m small businesses ‘at risk of collapse’ due to cyber threats

The government has been urged to pump more money into cyber defences after new research revealed that more than 1m small businesses would collapse if they were targeted by hackers.

A poll of more than 500 business leaders found nearly a quarter of UK SMEs — equivalent to 1.3m companies — were likely to go bust if they were forced to deal with the average cost of a cyber attack.

The research, commissioned by Vodafone, also showed that 16 per cent of firms would likely be forced to lay off staff in the event of a hack.

As a result, the report called on ministers to beef up the country’s corporate cyber defences, warning that a failure to do so could hamper the post-pandemic economic recovery.

It urged the government to expand a dedicated business cybersecurity within the National Cyber Security Centre (NCSC), which is part of GCHQ, and introduce a five per cent VAT cut on cybersecurity products for small companies.

In the Budget last week chancellor Rishi Sunak unveiled a new £520m Help to Grow scheme for SMEs, which includes free digital training and discounted software. 

But the report’s authors said it was not clear whether this includes cybersecurity products, adding that a more comprehensive support package was needed.

Covid cyber scares

Cyber threats have increased significantly over the last year due to the shift to remote working during the pandemic.

In the year to September the NCSC blocked 723 major incidents — up from just over 600 in previous years and equivalent to two large-scale attacks per day.

The report also found that just under a third of small businesses had experienced an increase in cyber attacks — which are estimated to cost the UK economy £34bn each year — since lockdown began last March.

Simon Fell, chair of the all-party parliamentary group on cybersecurity, said the report showed that “businesses often lack awareness of the cybersecurity risks they face, the protection they need to mitigate them, and the resources to withstand them”.

“SME cybersecurity is not a prosaic issue facing a few journeymen trying their hands at a new business during the pandemic, but rather an issue of national economic resilience,” he added.

In addition to extra funding for the NCSC and tax cuts on cyber products, the report recommended that part of the UK’s increased R&D budget should go towards cybersecurity product development in research centres in the North and Midlands.