Half of SMEs experience surge in cyber-attacks – Vodafone research reveals

Half of SMEs experience surge in cyber-attacks – Vodafone research reveals

Cyber-attacks against small and medium businesses soared by 15% during 2022.

  • More than half (54%) of SMEs in the UK had experienced some form of cyber-attack in 2022, up from 39% in 2020.
  • 18% of SMEs said their business was not protected with cybersecurity software.
  • Almost 1-in-5 (19%) of SMEs polled said that an average cyber-attack could cost their business up to £4,200.
  • Invasion of Ukraine and increased geo-political tensions are thought to be leading causes in increase of cyber-attacks.
  • Vodafone calls on the UK Government to do more to raise awareness of current initiatives to support the delivery of local cybersecurity skills.

Over half of UK SMEs (54%) have experienced some form of cyber-attack in recent months a new report by Vodafone Business has found. Similar earlier research, conducted by Vodafone, found 39% of SMEs had experienced some form of cyber-attack in 2020, indicating a rising risk for SMEs at a time when more people work remotely and many businesses depend on digital technology.

Vodafone’s study also found that one third (33%) of SMEs had seen the number of attempted cyber-attacks against their business increase, whilst just 18% had seen the number go down.

The cybersecurity threats facing every small business

For every online threat, there’s a shield to protect your business and your customers – here's everything you need to know, including how Vodafone Business can help.

Find out more

The research, which is published today in a new report from Vodafone – The Business of Cybersecurity – polled over 500 small and medium business owners across the UK and found that more than half (54%) had experienced some form of cyber-attack in the previous 12 months. This compares to similar research conducted by Vodafone a year earlier, which found 39% of SMEs had experienced some form of cyber-attack.

About 1-in-5 (19%) SMEs said that an average cyber-attack could cost their business up to £4,200, a loss they would be unlikely to bounce back from in the current cost-of-living crisis.

The rise in online attacks comes as ONS (Office for National Statistics) data indicates that more than a third of businesses in the UK now use a hybrid working model. The National Cyber Strategy 2022 has also stated that a growing dependence on digital technologies for remote working and online transactions has “increased exposure to risks”.

Since Vodafone last examined the cybersecurity risks facing SMEs in 2020, the invasion of Ukraine and continuing geopolitical tensions have had an adverse effect on the cybersecurity landscape, prompting the National Cyber Security Centre (NCSC) to warn that: “now is not the time for complacency.”

How can small businesses protect themselves against cyber threats?

Protecting your business against cyber-security threats is as much about robust procedures and processes as it is about new technology.

Find out more

Despite this, 18% of SMEs polled by Vodafone said their business was not protected with cybersecurity software, while 5% did not know if they had protection and only 28% were aware of the Government’s Cyber Essentials scheme. The findings echo previous findings from Vodafone. 2022’s SMEs Like Me report revealed that only 8% of SME business leaders saw cybersecurity as a priority.

To ensure that more SMEs are protected from online attacks, Vodafone is calling on the Government to do more to raise awareness of current initiatives to support the delivery of local cyber security skills. This should include providing the required funding to run a targeted ‘Cyber Safe’ awareness campaign for SMEs.

Andrew Stevens, Vodafone’s UK Head of Small and Medium Business, said: “Last year we outlined the significant and detrimental impact of a cyber-attack on a small business, to the tune of up to £3,230 per attack. This figure has now subsequently risen to £4,200, which is a consequence from which most SMEs would not recover.

“These findings reflect a lack of adequate skills and information to equip small business owners with sufficient protections, and while we welcome the progress that has been made by Government with the establishment of nine regional Cyber Resilience Centres across England and Wales, it’s clear that more needs to be done to convince SMEs that they need to be investing in cybersecurity to protect their businesses, especially during a cost-of-living crisis where they are most vulnerable.”

Vodafone and Enterprise Nation commit to upskill digital capabilities of 800,000 UK SMEs over next three years

To date, over 100,000 SMEs have benefited from the business.connected initiative and the range of free business courses it provides.

Find out more

Tina McKenzie, Policy Chair of the Federation of Small Businesses (FSB), said: “The digital economy presents a huge opportunity for small firms to reach new markets and customers, but these benefits come with challenges. This report sheds light on how vulnerable small firms become targets of criminals in the cyber space, when they’re often less able to absorb the cost of crime.

“We’re pleased to see a recommendation to raise awareness on cyber resilience among the small business community through relevant Government campaigns included as part of this research.

“We encourage internet service providers to take on more responsibility for cyber security, along with software vendors, hardware developers, the banks and other financial intermediaries – they’re the best placed and have the resources to implement the most effective measures.”

Download the full The Business of Cybersecurity report.

To view or add a comment, sign in

Insights from the community

Others also viewed

Explore topics