According to the UK government’s annual “Cyber Security Breaches Survey 2023,” smaller businesses are less proactive in identifying cyber threats compared to a year prior. Considering the current economic climate in the UK, senior managers at the helm of smaller organizations are perceiving cyber security as less of a priority. As a result, there’s less logging and monitoring of breaches or attacks.
Cyber Security: Key Findings
The percentage of micro businesses saying that cyber security is a high priority has decreased from 80% in 2022 to 68% in 2023. What the data reflects is that cyber security has experienced a sudden descent due to external factors, such as economic uncertainty and inflation.
According to the government’s guidance, most cyber threats are simple in nature and only require small businesses to implement “cyber hygiene measures.” This can include restricted admin rights and network firewalls, cloud back-ups, passwords, and updated malware protection. Both small businesses and charities currently employ a wide range of these anti-fraud tools.
However, in the last three rounds of this survey, it was discovered that certain areas of cyber hygiene measures have experienced a drop in use. The use of network firewalls is expected to fall from 78% in 2021 to 66% in 2023. The restriction of admin rights is also expected to decline from 75% in 2021 to 67% this year. And the use of password policies will likely decrease from 79% in 2021 to 70% in 2023.
These findings are troubling as poor cyber hygiene can lead to significant consequences: data compromise, security incidences, and data loss.
More Vulnerability to Hackers than Ever
According to the study, 66% of small businesses were lacking board members or trustees to oversee cybersecurity in their organizations. The evolving business environment, as well as the move towards remote work, further complicates the ability to identify a cyber security attack.
John Davis, Director UK & Ireland at SANS Institute EMEA, the largest provider of cyber security education in the world said that “businesses are battling enormous pressures in today’s climate, amid inflation and supply chain issues.”
“Hackers are looking to exploit this. Their attacks are more prevalent, more sophisticated and harder to detect,” he added.
Most small businesses lack an IT team and therefore Davis suggests moving operations to the cloud as it contains robust security.