• More than a quarter of SME owners state cyber security as their biggest threat for 2022
• SME’s concern for cyber security has increased by 247% 

23rd March 2022: A new report reveals over a fifth (21%) of SME owners are concerned by overseas cyber threats in the midst of heightened cyber security threats from Russian hackers.

The annual 2022 business challenges report carried out by card payments specialist takepayments Limited, surveyed SME business owners and decision-makers across the UK to discover the current small business landscape for the year ahead.  Over the past two years, the ICO reports that there has been a steady and significant increase in cyber-attacks towards UK businesses[1].

This is reflected in takepayments report as more than a quarter (27%) of small business owners now state cyber security as the biggest threat to their business in 2022, a staggering 247% increase from 2021 (8%).

As the UK imposes more sanctions on Russia, the threat of an over seas cyber attack could continue to increase and businesses within the engineering and manufacturing sector (32%) are the most concerned about the prospect of an over seas cyber attack, followed by the law and security sector (31%).

Takepayments have partnered with cyber security expert James Bore, Director of Bores Security Group to provide their top tips in staying safe online.

1. Backup.Back up everything in at least some form separately from your business’s devices, and test the backups. Nowadays, if you’re using good cloud storage services, they can provide a high level of availability, screening for any known malware, and online storage that business owners can access from anywhere they need for a low cost rather than having to invest in expensive backup hardware. Given the cost of good cloud storage these days, business owners can either identify the most important things to backup or in most cases just ensure absolutely everything data-related is replicated online.
2. Be aware of malware.Malware is any malicious software. There are various different kinds, including viruses, and just like human viruses, no protection will be perfect. Protecting your business from malware is about hygiene – business owners should make sure that their antivirus or antimalware software is installed and turned on (there are good, free options as well as commercial ones, but do your research), make sure staff are not downloading and installing anything dodgy, do regular patching or turn on automatic updates, set up firewalls on machines, and try to avoid using USB sticks or memory cards – with cloud storage these should be largely unnecessary anyway.
3. The hygiene extends to phones and tablets as well. Turning on password protection, using some of the tools business owners are most likely already paying for to make sure devices that go missing can be found, or wiped, keeping everything up to date, and if they use public wifi assume everything they’re doing is visible to someone so don’t do anything sensitive.
4. A few words about passwords.A lot of password device is old fashioned. If business owners have the option, secure passphrases (a collection of random words strung together or written in a sentence) are much more secure and easier to remember than a scrabble of letters and symbols. Business owners should also, for anything sensitive, use 2FA (two-factor authentication) – Google and Microsoft provide their own free Authenticator apps, and another good one is Authy – with an app installed on their phone or tablet.
5. Don’t get hooked.  The vast majority of attacks happen because of malicious emails, commonly known as phishing emails. There are lots of lists of tips about how to avoid them, many of which are highly technical, but as a very basic piece of advice I usually say that if any message (email or voice) is asking a business owner to do anything out of the ordinary, or causing any sort of emotional response (excitement, fear, etc) then take a few seconds to verify it. To do this do not use any of the contact details provided in the e-mail, instead use a phone number they know to be right, a live chat page on a website, or any other method they know to be safe to confirm that the e-mail is genuine.

Sandra Rowley at takepayments limited said: “Cyber security should ultimately be taken as seriously to a business owner as taking out business and liability insurance. More than one in five small business owners created a website for their business during the pandemic according to our recent report, and cyber security should come as a top priority for any business looking to move online. Unfortunately, as further sanctions are implemented towards Russia, the threat of cyber security attack’s could  increase so now is more important than ever for businesses to implement as many cyber security measures as they can to ensure their business is protected as much as possible.” 

The full findings of the takepayments Business Challenges Report 2022 is available to view here.  

[1] https://www.theguardian.com/technology/2022/mar/04/uk-data-watchdog-urges-vigilance-amid-heightened-cyber-threat   

Methodology: 1,050 owners & decision makers of UK SMEs completed the survey conducted by LM research and marketing consultancy in December 2021. Full findings available on request.