How can SMEs protect themselves in a world of cyber crime?

Cyber attacks on SMEs have increased year on year. In 2015, over half of cyber attacks on businesses in the UK were targeted at small firms.

Of companies who have fallen victim to an attack, 31% said the attack caused damage to their brand while over a quarter found the breach also resulted in customer delays. 30% said it caused a loss of clients, with 93% saying the attack had crippled the business’s ability to function.

Small businesses are an attractive target for cyber criminals. Research suggests that one in five e-commerce websites don’t know who handles their website security, with 50% stating that they are not prepared for an attack and had no recovery plan if one took place.

>See also: SMEs do not train staff on cyber security risk

It’s clear that SMEs need more support when it comes to the risks of cyber crime, so they can take steps to protect themselves and their customers.

What can small businesses do to defend against cyber crime?

There are a number of ways small businesses can protect themselves from a cyber attack. For a start, only 41% of SMEs have a secure Wi-Fi router, so odds are your business needs to password-protect your Wi-Fi. Here are 5 more ways small businesses can defend themselves.


Even free anti-virus software protects you from a huge amount of malicious cyber attacks. For businesses, it is of course better to have a more robust antivirus solution. Business-specific antivirus software can be licensed to a number of devices and managed in a centralised position. As updates to the software are released, every copy can be managed and updated with ease.

>See also: Controlling endpoints to secure SMEs against increasing threats

Bring your own device (BYOD) policy

Employees of SMEs are bringing their own devices to work more than ever. This is particularly common in startups trying to keep costs lean. BYOD might be convenient and cost-effective but the lack of a clear BYOD policy will open the door for hackers to access your systems through unprotected devices.

Your BYOD policy should ensure that any non-work devices that are used conform to the same security measures as any business device.


95% of cyber attacks feature human error somewhere along the line. This can range from leaving doors unlocked to accidentally giving away a password. Make sure your staff is fully trained on best practice password management and safe use of the web and email. The more your staff know about the dangers, the more conscious and alert they will be.

>See also: Bring the noise: How AI can improve cyber security

Exercise access control

Admin access to your systems should only be granted to select individuals. This can help limit the amount of damage a hacker can do if they gain access to an unprivileged account. Similarly, keep sensitive data, like payroll, out of the hands of anyone who doesn’t need it to do their job.

These are just a few ways SMEs can easily protect themselves from a cyber attack. Today, a cyber attack for any business is not a question of ‘if’, but ‘when’. The key thing to do is find out what the threats are and how you can defend yourself. Knowledge is power, after all.

LeadingEdge Cyber Security Infographic
LeadingEdge Cyber Security Infographic

Sourced by LeadingEdge

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...