Over 1 in five UK SMEs (21%) are worried that their business will not survive the current economic uncertainty or expect they will have to make a significant business pivot. This is according to a survey of a thousand SME senior leaders and decision-makers across the UK, commissioned by CyberSmart (and conducted by Censuswide).
The UK government estimates that the country is home to at least 5.5 million SMEs. If we were to extrapolate the findings, it could mean 1.155 million businesses are in a precarious position and risk collapse.
Remarkably, the survey also revealed that some SME senior leaders would go to great lengths to ensure the business’s survival. These behaviours range from engaging in cybercriminal activity and committing accounting fraud to neglecting compliance requirements.
Activities that SME senior leaders would consider engaging in include:
- 15% would commit accounting fraud and lie to bankers/investors to secure funding or commit tax fraud/evasion (potentially equivalent to 825,000 SMEs)
- 14% would cut employee salaries or benefits (potentially equivalent to 770,000 SMEs)
- 11% would leverage proprietary information from partners/clients such as selling off the data (potentially equivalent to 605,000 SMEs)
- 11% would neglect compliance requirements due to the additional costs they incur (potentially equivalent to 605,000 SMEs)
- 10% would engage in cybercriminal activity such as hitting a rival company with a cyberattack (potentially equivalent to 550,000 SMEs)
- 9% would mortgage their house (potentially equivalent to 495,000 SMEs)
SMEs decrease cybersecurity spending
Additionally, a third of SMEs have decreased cybersecurity spending due to the economic uncertainty. Or, more worryingly, admitted to never really investing in it.
In fact, as many as 42% of SME senior leaders do not believe it is worth investing in cybersecurity, with over 1 in 5 (21%) believing they are not a target. A further 16% claim it is not worth it because they have cyber insurance and 10% assert it is not a priority. Only 25% realised it was worth investing in cybersecurity because they could not afford to be breached.
CyberSmart CEO, Jamie Akhtar reacted with the following:
“As a business owner myself, I can understand the pressure many SME decision-makers are currently facing to keep their companies running and ensure their employees are taken care of, all while budgets tighten. It is during these times that emotions run high, and people might make irrational decisions that go against their own, and their company’s, best interest. It goes without saying that we would never condone criminal behaviour. Moreover, we would strongly recommend that businesses invest in cybersecurity and compliance.”
“The business ecosystem has become highly intertwined, so no business is immune from cyberattacks. In fact, SMEs could prove to be an easy entry point for cybercriminals looking to hit others within their supply chain, if they have weak cybersecurity postures. While cyber insurance is important for risk transfer, it should not be relied on either. A comprehensive and continuous cybersecurity and compliance strategy is needed to avoid a breach’s financial, reputational and even physical repercussions. Fortunately, there are solutions today that can help in doing so, without breaking the bank.”
Want to know more? We’ll be releasing a full report in the next few weeks. Stay tuned for further updates.
Considering cutting your cybersecurity spending? Find out how to do it responsibly with our guide to protecting your business on a budget.