Number of SMEs prepared to report a cyber-attack ‘worryingly low’, says Scott-Moncrieff

Following a cyber-attack, SMEs will invest in taking practical steps to protect themselves, but according to a survey undertaken by Scottish business advisers and accountants Scott-Moncrieff, only 26 per cent report the matter to the police, and just 23 per cent contacted their insurer.

The survey also found that despite only 32 per cent of respondents being comfortable that their prevention measures would be sufficient in the event of an attack, only 26 per cent of SMEs have invested in any form of cyber insurance.

Fraser Nicol, head of business and technology consulting at the firm, said: “SMEs are increasingly aware of the threat of cyber-attack and they are taking it seriously. However, many seem unsure as to whether their investments have been effective and unclear about what they would do to recover their losses in the event of a cyber-attack. SMEs seeming reluctance to report issues is a concern, given that reporting will become compulsory next year.”

With cyber-attacks being both one of the fastest growing and most economically damaging categories of crime, the research indicates concerns among SMEs over reputational damage, and the harming client relationships, as major factors in businesses choosing to let attacks go unreported.

The research also indicated that SMEs under-estimate the cost of dealing with a cyber-attack. Amongst those that had already experienced an attack or data loss, the cost involved in rectifying breaches was a key concern for the future, but less so for those that had not previously been attacked.

“These risks are very real for small as well as large business, so it’s important to plan ahead”, continues Mr Nicol. “Business owners must take their own preventative steps to ensure they are not only investing in protecting their business from an attack, but also ensuring they have the plans in place to deal with a breach should one occur anyway. This points to investing in specialist cyber-insurance and establishing a response plan.

“Online crimes are rising with hackers increasingly targeting a wider range of companies. Hacks of big businesses may grab headlines but thousands of SMEs suffer cyber-attacks every day.

“Whilst investing in preventative measures is vital, businesses must also ensure they have a plan in place to deal with an attack in order to mitigate any losses that are incurred.”

Click here to view the full survey “Here, there and everywhere: The cyber threats facing SMEs”.