Think your small business isn’t at risk? Think again!

Below is an extract from a publication by the British Insurance Brokers Association (BIBA) which they have given Shaping Portsmouth permission to share with our audience. The Business Digital Resilience programme asked BIBA for permission to share it because it contains a very important message for all small business owners.

The Risk to Small Businesses

There’s a common misconception that cyber attacks are only a “big business” problem, and it’s easy to see why. Cyber attacks on larger businesses tend to grab the attention of the press because they involve familiar brand names and involve substantial amounts of customer data.

But thousands of smaller businesses suffer cyber incidents each year.

In fact, 96% of all cyber attacks are directed at small
and medium-sized businesses.

Here’s why:

  • Small businesses are low-hanging fruit: Cyber criminals look for the easiest and fastest way to be successful.
    Smaller organisations may have less resources and time to train staff on cybersecurity risks, which makes them more susceptible to attacks like social engineering. They’re also more likely to pay ransom demands when they feel like they don’t have anyone to turn to for help.
  • Small businesses can be the gateway to larger organisations: Many small and medium-sized companies are connected to the IT systems of larger partner organisations. So, when cyber criminals want to infiltrate larger and more secure organisations they often target their suppliers. What’s more, many of these IT relationships are identifiable through publicly available data.

  • Small businesses can be collateral damage: If a cyber attack is launched against a large partner or technology provider, the smaller businesses that rely on those organisations can also be adversely affected. This could involve disruption to their business, breached data, or even reputational harm.

Threat actors are looking to target companies who are vulnerable, rather than valuable.

Source: British Insurance Brokers Association (2022). A Guide to Cyber Insurance; Helping businesses prevent and survive cyberattacks. Available from