Cyber Security threats are a problem for every firm. And in particular, email attacks are the number one way for criminals to access a business, whether this is to plant malware or to steal sensitive data such as login credentials or financial information.
Yet many firms still underestimate the danger these attacks pose. There is still a belief among small and medium-sized businesses that they are too small to be targeted. However, this is far from the case.
Smaller firms increasingly being targeted
It’s clear that cyber security, and email security in particular, is not just an issue for large firms. For instance, according to figures from the government’s 2020 Cyber Breaches Survey, almost half of all businesses (46 per cent) have experienced attacks in the last year, with one in three facing such threats on a weekly basis.
What’s more, research by the Federation of Small Businesses (FSB) last year estimated 10,000 small firms a day in the UK come under cyber attack.
The FSB found that in the previous two years, small firms had reported:
- 530,000 phishing attempts
- 374,000 incidences of malware
- 301,000 fraudulent payment requests
- 260,000 cases of ransomware
It’s therefore clear that any business that thinks they’re too small to attract the attention of cyber criminals is sorely mistaken. And as the majority of these threats will arrive via email, this is an essential place to focus your efforts.
The email security risks to small enterprises
A common belief among small firms about why they are complacent is they simply don’t believe the information they possess is valuable enough to be worth a hacker’s time – but this often misses the point. Increasingly, it’s not about how valuable the data may be to a hacker, but how valuable it is to you.
For instance, ransomware is an especially big problem for smaller firms. This involves hackers injecting malware into a business that encrypts and blocks access to vital files, and once infected, firms often have no choice but to pay the hackers for the decryption key if they have failed to make timely backups.
This doesn’t just affect for-profit firms. Healthcare providers, charities, churches and educational institutions are all tempting targets for this sort of attack. Indeed, earlier this year, the National Cyber Security Centre warned of a particular trend for hackers targeting schools and universities via phishing emails to extort money.
The losses small firms face
The financial and reputational losses involved in a cyber security breach can often be unbearable for small businesses. This doesn’t just come in the form of direct ransom payments or fraud caused as the result of mistakenly giving scammers financial details.
It can include lost business, the costs involved with investigations and recovery and even the potential for fines from the Information Commissioner’s Office if personal information is compromised in a data breach.
According to insurance provider Hiscox, the average loss for a small business in 2019 was £11,000, but this can vary widely depending on the severity of a breach, and some companies may never recover. In fact, some estimates suggest as many as 60 per cent of small firms that experience a hack go out of business within six months.
To prevent you from being one of them, it’s vital to boost your security – and this must start with protecting your inboxes from malicious emails. Read our new white paper today to find out how to achieve this by using a layered defence solution.
Download the Essential Guide to Email Security
We have released an Essential Guide to Email Security where you can learn how to defend your firm from email threats.