We use cookies to improve this site and enable full functionality. You can change your cookie settings at any time using your browser. Our cookie policy.

Over a third of small businesses have no budget for cybersecurity

Over a third of small businesses have no budget for cybersecurity | Insurance Business

Over a third of small businesses have no budget for cybersecurity
A survey of more than 1,000 small businesses in the UK found that 38% will not allot a single pound for cyber protection this financial year, with 47% thinking cybersecurity is too expensive.

Conducted last month by YouGov for Duo Security, the online survey also revealed that 30% of these firms have less than 3% of their overall budget going to cyber protection while 45% do not consider themselves hacking targets.

Meanwhile a good 36% of small businesses (with fewer than 50 employees) in the UK actually consider themselves to be operating at or below the “security poverty line,” or the point below which companies cannot effectively guard themselves against cyber threats. However, among the issues affecting cybersecurity, lack of knowledge trumps monetary concerns.       

While government initiatives like Cyber Essentials and Cyber Risk Aware help, Duo Security said an expansion of such programmes is necessary. According to the survey, only 26% of respondents consider the measures effective in making small businesses more cyber resilient.

“The feedback from this survey underlines that more needs to be done to better communicate government initiatives like Cyber Risk Aware and Cyber Essentials to their target audience,” commented Professor Richard Benham, chairman of The National Cyber Management Centre and founder of TheCyberClub.

He continued: “The fact that knowledge to combat cyber threats is considered the biggest requirement to help small businesses rise above the security poverty line shows just how valuable this programme could be in helping educate them in how to tackle cyberattacks, without breaking the bank.”

Wendy Nather, principal security strategist at Duo Security, said when an organisation is IT-poor, it is subjected to a number of complex dynamics that keep it from implementing effective security.

Related stories:
SMEs: You’re vulnerable to cyberattacks too, says NMU
Lockton: UK businesses “severely unprepared” for impact of a cyberattack