by WO_ShippingNews

Almost a third of small businesses have no cyber security strategies

A recent new report from Business in the Community has revealed that many small businesses are leaving themselves vulnerable to cyber-attacks.

Business in the Community is a business-led membership organisation founded by HRH The Prince of Wales to champion responsible business. The research claims that a worrying 30% of small businesses don’t have any cyber security strategies in place what-so-ever. This stat is enhanced with the worrying statistic that in terms of security software, 17% or less of small and medium businesses have no idea when they update security software or do not use them at all and medium businesses have no idea when they update security software or do not use them at all.*

Which Industries are mostly at risk?

It won’t come as a shock to you to read that IT telecoms (coupled with legal) sectors have the most measures in place with only 8% of both sectors indicating they have nothing. Retail (43%), construction (39%) and real estate (36%) have the least cyber security measures in place. Companies classed as working in transportation and distribution sector were the least likely sector to know what, if any, cyber security measures were in place (34%).

cyber security padlock

Staff training beyond the IT department

You can reduce the threat of cyber-attacks by educating or training your staff. Yet, 34% of small businesses thought it wasn’t necessary to provide training for any of their staff outside of the IT department. For a medium sized business this figure sits at 18%. Source: Business in the Community

Of the sectors surveyed, retail (46%), hospitality and leisure (40%) and education (33%) were most likely to think that training isn’t necessary.

Regions in the UK with no cyber security measures

Different parts of the UK also have a different attitude to cyber security, with the report highlighting that 32% in the North East of England and a whopping 40% of businesses in Wales claiming they had no cyber security measures in place what-so-ever

By contrast, 18% of small and medium-sized business in London and 20% of businesses in the East of England and East Midlands stated they have no cyber security measures.

How to prevent your business from cyber attacks

Business in the Community has these recommendations to help your small business improve on the cyber security front. World Options recommends using some of these handy guides to help prevent you from cyber-attacks.

Take the following test
Business in the Community have kindly put together a security readiness test – which you can complete here at Once you have completed the test, the survey will generate a report which you can download as a PDF.

Do The basics
According to the National Cyber Security Centre (NCSC), the following is the minimum number of things a business should do to be more cyber resilient.

  • Make sure your anti-virus software is up-to-date
  • For devices and software (check the manual for more information), choose the most secure settings.
  • Use a firewall to protect your internet connection. You’ll find built-in firewalls on most devices.
  • Take ownership of who has access to your data and information using passwords and specific user accounts
  • Change passwords regularly – Setup mandatory automatic password expiry dates across your organisation.

Develope a cyber security policy for your business
This might sound obvious, but work on a cyber security policy that includes cyber security. This needs to be shared with all current and new employees with regular up to date training provided by your company – including deterrents such as disciplinary procedures.

Back up your data
Back-up your business-critical data regularly, preferably using a process that does it automatically and in one place. When you update software straight away, this leaves fewer holes and bugs in your infrastructure that can be exploited by hackers. Failing this, the NCSC recommends that you set up notifications from whoever provides your software.

Train your staff
Training must be reactive to each department. Especially departments who handle customer and financial data.

Get involved in the cyber security world
Look at what others are doing and pay attention to what’s going on in the cyber security world. Follow authorities on the subject through social media and sign up to newsletters where you can.

Invest in cyber insurance
The NCSC also recommends investing in cyber insurance as a form of support. In the event of any disruption to your business you may incur costs, for example are costs involved with elements such as data loss or replacement of equipment. Insurance also means you will access to specialists at short notice helping to stop an attack and get you back on track as soon as possible.

At World Options we have systems, procedures and policies in place to protect our data and the data of our customers.Feel secure in the knowledge your data is safe with us and BECOME A CUSTOMER HERE.

* Stats used in this article are sourced from: The report, titled Would you be ready for a cyber attack?

Become A Customer