Over the past couple of years, the cost of living in the UK has increased significantly. The annual rate of inflation reached 11.1% in October 2022, which was the highest we’ve experienced for 41 years. Consequently, small to medium sized enterprises (SMEs) have found themselves struggling to stay above water, as the cost of sustaining their operations continuously increases.
In fact, a recent study has shown that over 1 in five UK SMEs (21%) are worried that their business will not survive the current economic uncertainty or expect they will have to make a significant business pivot in order to survive. There are approximately 5.5 million SMEs in the UK, and according to the survey this would potentially leave 1.155 million businesses in a precarious position and risk of collapse.
Remarkably, the survey also revealed that some SME senior leaders would go to great lengths to ensure the survival of the business, from engaging in cybercriminal activity and committing accounting fraud to neglecting compliance requirements.
Among the activities that SME senior leaders would consider engaging in, are committing account fraud and lying to bankers/investors to secure funding or committing tax fraud/evasion (15%). Additionally, 14% admitted that they would cut employe salaries or benefits while 11% would leverage proprietary information from partners or clients, like selling off their data. 11% also said they would neglect compliance requirements due to the additional costs they incur. A concerning 10% even admitted they would engage in cybercriminal activity such as hitting a rival company with a cyber attack. Lastly, 9% would mortgage their house to pay for costs.
The results also showed that a third of SMEs have either decreased cybersecurity spending since the economic uncertainty or admitted to never really investing in it. In fact, as many as 42% of SME senior leaders do not believe it is worth investing in cybersecurity, with over 1 in 5 (21%) believing they are not a target. A further 16% claim it is not worth it because they have cyber insurance and 10% assert it is not a priority. Only 25% realised it was worth investing in cybersecurity because they could not afford to be breached.
“As a business owner myself, I can understand the pressure many SME decision-makers are currently facing to keep their companies running and ensure their employees are taken care of, all while budgets tighten. It is during these times that emotions run high, and people might make irrational decisions that go against their own, and their company’s, best interest,” said Jamie Akhtar, CEO and co-founder of CyberSmart. “It goes without saying that we would never condone criminal behaviour. Moreover, we would strongly recommend that businesses do invest in cybersecurity and compliance.”
“The business ecosystem has become highly intertwined, so no business is immune from cyberattacks. In fact, SMEs could prove to be an easy entry point for cybercriminals looking to hit others within their supply chain, if they have weak cybersecurity postures,” Akhtar continued. “While cyber insurance is important for risk transfer, it should not be relied on either. A comprehensive and continuous cybersecurity and compliance strategy is needed to avoid the financial, reputational and even, physical repercussions of a breach. Fortunately, there are solutions today that can help in doing so, without breaking the bank.”