Key takeaways from the CyberSmart SME cost of living crisis report

Key takeaways cost of living crisis report

The current economic climate has seen better days, but how are the UK’s small businesses weathering the storm? At CyberSmart, we’re curious about how the cost of living crisis has impacted cybersecurity and people in small businesses.

We tasked Censuswide with surveying 1,000 UK SMEs to find out how they’re coping. What followed is our  ‘SME cost of living crisis report’. It explores:

  • How confident businesses are about weathering the economic storm
  • The financial limitations impacting businesses
  • The impact on employees
  • The key impacts on cybersecurity
  • The state of cybersecurity investments 
  • How SMEs can approach cybersecurity in the cost of living crisis

Despite economic conditions, cybersecurity in your business doesn’t need to be all doom and gloom. Our report gives you the knowledge and understanding of the current climate to proactively protect your business. To help you, here are our key takeaways from the report. 

Want to read the report in full? Get your copy here.

1. Cost-conscious businesses are looking for value

Small businesses must be cost-conscious. Careful budgeting and knowing when to invest is key to survival. And this means many small business leaders won’t invest in cybersecurity unless they know the payoff is worthwhile. 

Understanding the benefits of strong cybersecurity is key in these conditions. Without a good level of understanding, decision-makers will overlook its importance.

Key takeaways from cost of living report

Understanding the benefits of strong cybersecurity is key in these conditions. Without a good level of understanding, decision-makers will overlook its importance.

2. Economic uncertainty raises threat levels 

Even though businesses are overlooking the importance of cybersecurity, nearly half of UK SMEs (47%) believe they’re at greater risk of a cyberattack since the onset of the cost of living crisis. 

Economic uncertainty has led to mistrust, too. 38% of leaders are worried about malicious insider threats from employees, while 32% blame higher rates of supply chain fraud. It seems that mistrust comes from inside and outside.

This is why increasing cybersecurity protocols and governance offers real business value. It provides much-needed reassurance that business data is safe, no matter where threats come from.

Key takeaways from cost of living report

3. The employee skill gap is causing mistrust

Your employees are a line of defence when it comes to cybersecurity. But you must equip them with the tools and knowledge to counter potential attacks. 

80% of respondents said that their employees do not fully understand why it is important to keep confidential information secure. And this lack of cybersecurity knowledge is the leading reason for mistrust.

The cybersecurity knowledge skills gap is a prominent factor for uncertainty. Of the 620 SME leaders who claimed to trust their employees, 25% still believe that staff pose the greatest security risk.Key takeaways from cost of living report

4. SMEs are missing important cybersecurity policies 

We noticed that a lack of trust in employees, their cybersecurity knowledge, and no clear internal policies have an underlying impact on small businesses, so we did some digging.

Only 54% of SMEs have clear policies and procedures for sharing information and gaining access to confidential information. This means that just under half of SMEs don’t have important cybersecurity policies, at all. 

Key takeaways from cost of living report

It’s not surprising that leaders demonstrate a lack of trust in their employees, especially when there’s no guidance for the employees in the first place. Here, cybersecurity concerns appear as a vicious circle, and there’s an important gap in employee knowledge and a lack of policies. Key takeaways from cost of living report

5. Basic measures can help to protect businesses

The report reveals that fixing basic, underlying issues can help alleviate the cybersecurity concerns as a result of the cost of living crisis. These issues are:

  • Lack of employee cybersecurity training and resulting cyber confidence 
  • Missing cybersecurity policies, or too few policies 
  • Misunderstanding of the value of cybersecurity tools 

Luckily, investing in cybersecurity doesn’t have to cost the earth. Instead, SMEs must be smart about their investments and increase cyber confidence for their employees.

Key takeaways from cost of living crisis report

Our report takes an in-depth look at these steps and how SMEs can implement them. These steps can help increase cyber confidence in your business and protect against cybersecurity threats.

Cyber confidence is key in the cost of living crisis

Uncertain economic conditions can make even the most stable business leaders feel on edge. Improving cybersecurity governance can help decision-makers protect their business and provide much-needed reassurance that their cybersecurity is under control. 

Read our report today to learn more about the current concerns of SMEs in the cost of living crisis, and how to mitigate cybersecurity threats.

SME cost of living crisis

New: CyberSmart’s SME cost of living crisis report

SME cost of living crisis report

At CyberSmart, we recognise that the cost of living crisis not only affects our personal lives, but the way small and medium businesses (SMEs) manage their priorities, too. 

Uncertainty is never the best feeling for any business leader. A dampened economic outlook can result in SMEs becoming more cost-conscious and less growth-minded. And we’re concerned about the impact on cybersecurity. 

That’s why our latest insight, the SME cost of living crisis report, explores its impact on SMEs, leadership, the workforce, and business cybersecurity.

What’s in the report?

We tasked Censuswide with surveying 1,000 UK SMEs to reveal the current state of the cybersecurity landscape for SMEs. 

The report is full of helpful statistics, figures, and insights that reveal the behaviours of decision-makers during the cost of living crisis.

In the report, you’ll learn about:

  • What’s driving decision-making in the cost of living crisis?
  • The impact on cybersecurity investments 
  • Leadership behaviours and mistrust of employees
  • Cybersecurity policy and governance factors
  • How should SMEs approach cybersecurity in the cost of living crisis?


Discover CyberSmart’s SME cost of living crisis report. Learn more about the impact on cybersecurity, people, and more. Read it today.

Discover key insights about the cybersecurity landscape

At CyberSmart, we work to make cybersecurity simple and accessible to everyone. We aim to provide every business, no matter how small, the tools to protect themselves against cybersecurity threats easily and effectively.

That’s why we’ve incorporated our expert insight into the report, too. We deep-dive into the reasoning behind the report’s findings to support the facts and figures. This provides you with a better understanding of the current SME cybersecurity landscape. 

For example, the report reveals that nearly half of UK SMEs (47%) believe they’re at greater risk of a cyberattack since the onset of the cost-of-living crisis. Why? External threats, insider threats, employee mistrust, and employee negligence are all driving this behaviour, and we explore this in the report. Read it for free today to get the latest insights into SME cybersecurity during the cost of living crisis

SME cost of living crisis

Press release: Over 1.1 million UK SMEs at risk of collapse during current economic uncertainty

SME collapse

Over 1 in five UK SMEs (21%) are worried that their business will not survive the current economic uncertainty or expect they will have to make a significant business pivot. This is according to a survey of a thousand SME senior leaders and decision-makers across the UK, commissioned by CyberSmart (and conducted by Censuswide).

The UK government estimates that the country is home to at least 5.5 million SMEs. If we were to extrapolate the findings, it could mean 1.155 million businesses are in a precarious position and risk collapse.

Remarkably, the survey also revealed that some SME senior leaders would go to great lengths to ensure the business’s survival. These behaviours range from engaging in cybercriminal activity and committing accounting fraud to neglecting compliance requirements.

Activities that SME senior leaders would consider engaging in include:

  • 15% would commit accounting fraud and lie to bankers/investors to secure funding or commit tax fraud/evasion (potentially equivalent to 825,000 SMEs)
  • 14% would cut employee salaries or benefits (potentially equivalent to 770,000 SMEs)
  • 11% would leverage proprietary information from partners/clients such as selling off the data (potentially equivalent to 605,000 SMEs)
  • 11% would neglect compliance requirements due to the additional costs they incur (potentially equivalent to 605,000 SMEs)
  • 10% would engage in cybercriminal activity such as hitting a rival company with a cyberattack (potentially equivalent to 550,000 SMEs)
  • 9% would mortgage their house (potentially equivalent to 495,000 SMEs)

SMEs decrease cybersecurity spending

Additionally, a third of SMEs have decreased cybersecurity spending due to the economic uncertainty. Or, more worryingly, admitted to never really investing in it.

In fact, as many as 42% of SME senior leaders do not believe it is worth investing in cybersecurity, with over 1 in 5 (21%) believing they are not a target. A further 16% claim it is not worth it because they have cyber insurance and 10% assert it is not a priority. Only 25% realised it was worth investing in cybersecurity because they could not afford to be breached.

CyberSmart CEO, Jamie Akhtar reacted with the following:

“As a business owner myself, I can understand the pressure many SME decision-makers are currently facing to keep their companies running and ensure their employees are taken care of, all while budgets tighten. It is during these times that emotions run high, and people might make irrational decisions that go against their own, and their company’s, best interest. It goes without saying that we would never condone criminal behaviour. Moreover, we would strongly recommend that businesses invest in cybersecurity and compliance.”

 “The business ecosystem has become highly intertwined, so no business is immune from cyberattacks. In fact, SMEs could prove to be an easy entry point for cybercriminals looking to hit others within their supply chain, if they have weak cybersecurity postures. While cyber insurance is important for risk transfer, it should not be relied on either. A comprehensive and continuous cybersecurity and compliance strategy is needed to avoid a breach’s financial, reputational and even physical repercussions. Fortunately, there are solutions today that can help in doing so, without breaking the bank.”

Want to know more? Read the report in full here.

SME cost of living crisis

Press release: Heightened risk of insider threats during cost-of-living crisis, according to SME study

insider threats

Our latest research (to be released as a report) reveals fear among UK SMEs about insider threats. Some key findings include:

  • Nearly half of UK SMEs (47%) believe they are at greater risk of a cyberattack since the cost-of-living crisis.
  • 38% believe this is due to increased malicious insider threats, and 35% believe it is due to negligent insider threats.
  • 1 in 4 believe staff are overwhelmed or concerned about meeting their financial commitments.
  • 20% believe employees will steal sensitive or proprietary data from the company to sell for profit or for a competitive advantage.
  • 17% believe employees will seek to harm the company’s reputation due to resentment over salary cuts/stagnation and/or layoffs.

London, UK (15th June 2023) – Nearly half of UK SMEs (47%) believe they are at greater risk of a cyberattack since the onset of the cost-of-living crisis. Of these respondents, 38% believe this is due to increased malicious insider threats (i.e., disgruntled employees making decisions that are not in the best interest of the company) and 35% believe it is due to negligent insider threats (i.e., overworked or distracted employees making mistakes). This is according to a survey of a thousand SME senior leaders across the UK, commissioned by CyberSmart, the category leader in simple and accessible automated cybersecurity technology for small and medium-sized enterprises (SMEs), and conducted by Censuswide.

In light of the economic uncertainty, almost 1 in 3 employers (29%) admit that employee salaries have stayed the same: in effect, resulting in a decline of real wages to accommodate for inflation. A further 11% have even gone so far as to reduce salaries. What’s more, nearly a quarter (24%) of SMEs have hit pause on recruitment, while 16% have laid off employees for budgetary reasons.

It is no coincidence then that 1 in 4 employers (24%) are finding that their staff are overwhelmed or concerned about meeting their financial commitments, while nearly a fifth (18%) find they are feeling overworked. Moreover, 16% believe their staff are less engaged or productive due to the stress, 14% think they are more disgruntled and 11% have noticed an increased rift between senior leadership and employees.

Remarkably, employers expect their employees might engage in the following activities whilst in this unhappy state.

  • 22% believe employees will take on a second or third job during contractual hours.
  • 22% believe employees will be more likely to make mistakes such as clicking on a phishing link.
  • 20% believe employees will steal sensitive or proprietary data from the company to sell for profit or for a competitive advantage.
  • 17% believe employees will seek to harm company reputation due to resentment over salary cuts/stagnation and/or layoffs.
  • 14% believe employees will use AI such as ChatGPT to do their job for them.
  • 14% believe employees will steal money from the company or commit financial fraud.

“Not all businesses are experiencing a negative company culture as a result of the crisis. In fact, 20% believe the cost-of-living crisis has brought the company closer together and 16% of employees are becoming more motivated to impress senior leaders. Nevertheless, in times like these, it is crucial that employers are mindful of how their staff are coping,” said Jamie Akhtar, CEO and Co-Founder of CyberSmart. “It only takes one disgruntled or overworked member of staff to make a decision that could put the entire business at risk. This research highlights the importance of conducting regular security awareness training, but also the need to show up for employees with empathy and support.”

It should be noted that SME business leaders also consider external forces to be responsible for the growing risk of cyberattacks, with 32% attributing it to higher rates of supply chain fraud and 31% expressing concern about nation-state interference from hostile countries such as Russia and China.

Want to know more? Read the report in full here.

SME cost of living crisis

How much of your IT budget should you spend on security?

IT budget

It looks like IT budgets will continue to grow this year despite the threat of a recession. 51% of organisations plan to increase their IT budget, with just 6% reporting they’d cut back on tech spending. 

At face value, this is good news. But with rising inflation, the real value of these budgets is less than last year. Because IT budgets need to stretch into every corner of businesses, there’s likely to be some pressure around spending. And the amount of IT budget spent on security could end up being less compared to last year. 

That could leave organisations more vulnerable to cyber threats, but cutting security costs doesn’t have to mean adopting a less robust security solution. Protecting your business from the most common and deadly attacks doesn’t have to break the bank.

How much should IT security cost?

It’s far too common to hear “how long is a piece of string?” when asking this question. 

For companies with 500 or more employees, it’s hard to define how much IT security should cost because their size, reach, and security needs are too variable and complex to assign a fixed number to. For example, last summer Google announced they’ll invest 10 billion dollars in cybersecurity over the next five years. 

But for smaller businesses, it doesn’t have to be complicated. 

  • If you work alone, a good level of cover should cost you £1,000–£3,000 a year
  • If you run a small business with 40 employees, a good level of cover should cost you £2,000–£5,000 a year
  • If you have 250–499 employees, a good level of cover should cost you £8,000–£12,000 a year

Worried about rising IT costs? Check out our guide to protecting your business on a budget.

How does that compare to the cost of a breach?

Let’s look at the amount of IT budget spent on security compared to the amount of IT budget spent because of security breaches. 

The UK Government’s Cyber Security Cyber Breaches Survey 2022 revealed that 39% of UK businesses identified a cyberattack in the 12 months before the survey. Where those businesses reported a material outcome, the average estimated cost was £4,200. For medium and large businesses, the average cost was £19,400. In another report, 73% of victims revealed they’d experienced more than one attack in a year, so the costs can quickly add up. Some costs are harder to calculate, such as damage to brand reputation and customer retention. 

What should you look for in a security solution?

Broadly speaking, you can break this up into two sections:

1. Supplier

Choose a cybersecurity supplier who can provide a good level of support, e.g. unlimited guidance. This is especially helpful if you’re a smaller or new business that’s just getting started with cybersecurity, as it’ll give you extra peace of mind. Look into the level of flexibility the supplier gives you, too. If budget and payment terms are a concern, a subscription-based service that offers monthly payments is more affordable than paying the whole year upfront.

2. Functionality

Look for a solution with buildable components so your security coverage can grow as you do.

Here are some key things to look for:

Certifications

Accreditations like the UK Cyber Essentials scheme outline the security procedures you should have in place to secure your data. It’s recommended for SMEs because it helps you to protect your business against 98.5% of the most common types of cybercrime, like phishing and malicious software. 

Privacy support

Your business must manage data safely, securely, and in compliance with data protection laws. Some providers will help you to field subject access requests, write data protection policies, and keep on top of your data protection obligations by providing tools and templates to streamline your processes.

24/7 monitoring and employee training

For complete peace of mind, look for providers that offer 24/7 monitoring of all devices connected to company data. They’ll check for the most common threats and vulnerabilities, helping you to manage risk and alerting you in the event of a breach.

To support this, look for solutions that include employee training alongside 24/7 device monitoring. More than three-quarters (77%) of senior IT leaders agree that internal security and governance risks are as high as external ones. So, it’s a good idea to keep your employees up-to-date with engaging and informative training sessions.

Insurance

Cyber insurance can support your business if you suffer a malicious attack or data breach. It can cover first-party (your assets) and third-party (customer data) so that in the event of an incident, you can recoup lost earnings due to operational downtime or reputational damage. 

What if you’re struggling to find the budget to pay for security?

Lots of companies will be trying to find ways to cut costs or reallocate money to cover non-negotiable expenses. If you’re struggling with the rising cost of living and balancing your budgets, these might help you to trim the fat a little.

  • Can you reduce any old/redundant tech? This might help you to save money on subscriptions or hardware you don’t need
  • Can you cut any non-essential spending? E.g., travel or office upgrades
  • Could you re-evaluate partners and suppliers? Are they giving you the best deal or relying on your loyalty and pushing up prices? 

Recession-proof security

If you’re ready to take control of your business security, now’s a great time to start. It’s always better value for money to pay for security cover than suffer the cost of an attack and its repercussions. Be proactive, and make every penny count with the right solution for your business size.

Want to know more? Discover how to protect your business on a budget in our cost of living crisis guide.

Cost of living crisis

How to reduce the cost of cybersecurity responsibly

Cost of cybersecurity

With the economy taking a turn for the worse, you may be looking for ways to cut your business spending. However, when it comes to cybersecurity, you can’t afford to be complacent – cutting back on this could cost you more in the long run if you lay yourself open to cyberattacks. So, here we look at how you can reduce the cost of cybersecurity responsibly and stay safe online.

Risks are rising

When you consider the potential impact a cyberattack could have on your business, you want to be sure you’re protected as securely as possible. According to a study by TrendMicro, 60% of small businesses close within six months of a cyberattack. And, even if your organisation survives an attack, the cost of cybercrime can be crushing, as a study by Cisco found that 40% of small businesses hit by a severe cyberattack experienced at least eight hours of downtime.

You can’t afford to think that it won’t happen to you. Cybercrime incidents are now commonplace. According to the UK government’s Cyber Security Cyber Breaches Survey 2022, 39% of UK businesses had identified a cyberattack in the past 12 months. And those companies that reported a material outcome, such as loss of money or data, experienced an estimated average cost of £4,200. But, where only medium and large businesses were considered, this figure rose to £19,400.

Unfortunately, experts are also predicting that with the cost-of-living crisis, cyberattacks will rise even further as cybercriminals step up their efforts. And the indications are that this is already happening. According to the 2022 State of Phishing report from SlashNext, phishing attacks increased by 61% in 2022. The Anti-phishing Working Group (APWG) also reported that there were three million phishing attacks in the third quarter of the year. This was the worst quarter it had ever seen. In addition, the percentage of users affected by targeted ransomware doubled in the first 10 months of 2022, according to Kaspersky Lab.

Worried about rising IT costs? Check out our guide to protecting your business on a budget.

The cost of cybersecurity

As rates of cybercrime have gone up, so has the cost of cybersecurity that can protect your business from so many risks. Organisations therefore often find that their spending on cybersecurity is substantial. For example, the Pursuing Cybersecurity Maturity at Financial Institutions report by Deloitte and the Financial Services Information Sharing and Analysis Center revealed that banks, insurance companies, investment managers, and other financial services companies spend between 6% and 14% of their IT budget on cybersecurity. This is approximately 0.2% to 0.9% of company revenue.

In light of these risks, how do you cut the cost of cybersecurity for your business responsibly without suffering severe consequences? It’s vital when considering cost-cutting in this area, that you strike a sensible balance between saving money and safeguarding your business. Well, thankfully, there are various measures you can take which will protect your business while keeping the cost of cybersecurity down.

Assess, prioritise and manage risks

The key to cutting the cost of cybersecurity responsibly is to assess, prioritise and manage risks. If your business has been operating for a while, the first step is to take stock of what tools are already in place. There may be some duplication, which you can remove to start making savings. You could also consolidate tools and use more automation, to improve efficiency without impacting your level of cybersecurity protection. 

It’s impossible to guarantee 100% protection from every threat, but you can focus on limiting the most likely ones. One risk it pays to address is the threat of phishing attacks. Data shows that 91% of all cyberattacks start with a phishing email, so prioritise your defences against this. Phishing is a type of social engineering attack, whereby a cybercriminal sends a message intended to trick the recipient into revealing sensitive data or downloading malware. So, ensuring that your employees receive good cybersecurity awareness training will reduce the chance of them succeeding. This can be a relatively low-cost cybersecurity measure and sets your staff up as a human firewall to safeguard your business.

While it’s vital to protect your business network, rather than having an in-house IT team to manage your cybersecurity, which can be expensive, you could also explore the alternatives, such as deploying a comprehensive cybersecurity solution. For example, with CyberSmart Active Protect, you can protect every device in your business, around the clock, with no need for an in-house team, expensive tools, or specialist expertise. This also provides the invaluable cybersecurity staff training, you need to strengthen your defences.

Step up your cyber hygiene

Another important step you can take to keep your business secure and the cost of cybersecurity down is to boost your cyber hygiene. This involves adopting rigorous, proactive procedures to protect against cyber threats, such as:

Backing up all data

Ensure all data is backed up to a secondary source, such as cloud storage, to help prevent your information from being lost in a security breach. This may sound obvious, but it’s often overlooked.

Using good password management

Use unique, complex, and regularly updated passwords. You could also consider using a password manager app to generate new ones each time and store them safely.

Updating your software

Regularly review and update all your software to ensure you’ve got the latest protection against security threats.

Limiting access

Only give login details to employees for the systems they really need access to, and limit admin-level access to those who must have it. This can help prevent any employee-related security issues.

Providing company devices

Avoid letting employees use their own devices, if possible. It gives you more control over where your data is and keeps you safe if an employee leaves your business.

Free online guidance

If you run a small business and want to improve your cybersecurity without breaking the bank, check out the National Cyber Security Centre’s Small Business Guide: Cyber Security. This offers practical, affordable advice. 

It explains simple measures you can take to protect your organisation from malware, such as ensuring that your firewall is switched on. It’s important that you have secure internet connectivity, and this creates a ‘buffer zone’ between your network and external networks. This is a straightforward step to take, as most popular operating systems now include a firewall.

Further free and invaluable advice, more appropriate for medium and large businesses, on how to build strong cybersecurity is also available via the National Cyber Security Centre’s 10 Steps to Cyber Security.

Cyber Essentials certification

Finally, if you want to keep the cost of cybersecurity down as responsibly as possible, you should gain Cyber Essentials certification. This is a cost-effective, UK government-backed scheme which covers everything your business needs to do to protect itself from cyberattacks. Simply by being certified, you can reduce your cyber risks by up to 98.5%.

This could also bring welcome new business your way, as it’s a great way to demonstrate to new customers that you take cybersecurity seriously. It also gives you the ability to bid for government tenders that require Cyber Essentials certification. What’s more, if you gain your certification with us, you get £25k free enhanced cyber insurance, for added peace of mind.

Cautious cost-cutting

Reducing the amount you spend on cybersecurity responsibly is possible, but should be carried out with caution. However, with the right know-how, you can keep expenditure down and ensure your business has the strong cybersecurity protection it needs.

Want to know more? Discover how to protect your business on a budget in our cost of living crisis guide.

Cost of living CTA 2

Why cybercrime increases during a recession

Why cybercrime is increasing

The economy has taken a battering in recent times, and there’s much talk about the so-called ‘cost-of-living crisis’ we’re now experiencing. Whether there’s a full-blown recession ahead, or not, it looks like the economic outlook won’t improve any time soon. And experts agree this will spark a surge in cyberattacks. So, let’s take a look at why cybercrime increases with the looming threat of recession.

Why we can expect cybercrime to increase

The word among industry analysts is that the ongoing economic downturn will result in a significant rise in cyberattacks. Cybercriminals are already exploiting the financial situation, with an increase in social engineering attacks such as phishing emails offering rebates on energy bills to target vulnerable individuals and businesses. And, by all accounts, we can expect a great deal more of the same to come, as a distinct correlation exists between an uptick in cyberattacks and economic uncertainty.

Data shows that some types of cyberattacks are already rising considerably. According to Kaspersky Lab, the percentage of users affected by targeted ransomware doubled in the first 10 months of 2022. Phishing attacks also increased by 61% in 2022, according to the 2022 State of Phishing report from SlashNext. And, the Anti-Phishing Working Group (APWG) reported that there were a total of three million phishing attacks in the third quarter of the year – amounting to the worst quarter it had ever seen. 

Considering cyber insurance for your business? Check out our new guide for everything you need to know.

What role do businesses play? 

There are many reasons why cybercrime is increasing amid the current economic uncertainty. But most importantly, businesses are having to make difficult decisions to rein in costs. This is completely understandable in the climate. After all, we’re all trying to keep our heads above water, but this could have a direct effect on businesses’ online safety.

Although it’s ill-advised to reduce cybersecurity budgets, many business leaders underestimate the value of cybersecurity. The situation isn’t helped by the perceptions of cybersecurity within organisations. IT leaders can often find it difficult to justify spending on cybersecurity, which doesn’t often deliver visible benefits in the way other OPEX spending does. Think about it; you’re unlikely to hear much about your business’s cybersecurity unless something goes wrong. 

The result is often cuts in places they shouldn’t happen. Consequently, such companies are at higher risk of falling foul of cyberattacks.

Businesses may also decide to cut spending by letting staff go or not replacing those that leave. And this can also impact a company’s resilience to cybercrime. Cutting IT staff may mean you have fewer people to provide the necessary protection. 

This also increases the pressure on your remaining staff which can lead to mistakes and oversights, which weaken your defences further. For example, if they receive a phishing email they’re more likely to make an error of judgement and click on a link that could download malware into your network.

Cybercriminals aren’t immune to economic instability

If you’re still wondering why cybercrime is increasing, well, a recession hits cybercriminals as well as their victims. So, this can be a strong motivating factor for the bad guys to redouble their efforts and make more money. The hard fact is that a recession, or economic downturn, incentivises cybercriminals to invent new types of threats. This was demonstrated during the recession of 2008 when the FBI reported a 22.3% increase in online crime. 

More recently, a crisis of a different sort, the pandemic, sparked a similar surge in cybercrime. And there’s no reason to think the current hardships won’t create a similar spike. Companies will continue to lay off employees in the months ahead, and some may be tempted into cybercrime to make ends meet. Disgruntled employees who’ve been fired could also launch damaging attacks on businesses that have let them go, especially if they still have access to sensitive data.

Another repercussion of the recession is a possible rise in insider attacks from employees who are feeling the pinch. This is particularly likely in businesses that have been forced to freeze salaries. Cybercriminals can specifically target possible insiders to help with data breaches or cyberattacks, using social media and offering bribes. 

Fighting back on a budget

Cybersecurity isn’t a nice to have, it’s business critical. And this is never truer than in times of economic crisis. 

Small and medium-sized businesses often underestimate the danger they’re in. In part, due to the perception that only large corporates are targets. However, the truth is that cybercriminals don’t discriminate and the effects can be devastating. In fact, research has found that 43% of all data breaches involve small businesses.

However, you don’t need expensive tools, expert consultants, or an in-house technical team, to protect your business from cyber threats. It’s perfectly possible to build good defences on a sensible budget. Tools like CyberSmart Active Protect offer everything you need to get your cybersecurity in order, without huge investment. 

Active Protect provides secures all employee devices that touch your company data. Just send a downloadable link to staff, and Active Protect will check around the clock for the most common cyber threats and vulnerabilities It also includes our training academy, which provides your employees with the basic cyber skills to better protect themselves and your business. 

Want to know more? Then check out our guide to cybersecurity on a budget.

Cost of living crisis