Small businesses must be equipped with cyber security training or we could lose post-Covid innovation – CityAM : CityAM

The pandemic has changed many things about the way our economy operates. While some of these changes may be passing, others will no doubt stick. A successful recovery will take the best of both, recognising the way the economy is, and the way we want it to be – not how it was.

One positive change is the amount of innovation the crisis has fostered. Part of that can be seen in the working practices of companies large and small. But it is also reflected in the fact that we have seen a huge increase in the number of new businesses created during this time – almost half a million in 2020 as reported by Companies House. Pressure and time have driven innovation. 

These start-ups, small businesses located all over the UK, will be critical to our economic recovery – and to levelling up – and it is vital that they are supported and encouraged to grow, creating jobs and wealth. 

For anyone starting out today, healthy cyber security should sit firmly at the top of their lists. You wouldn’t choose to leave the front door to your brick and mortar store unlocked and turn of the CCTV every night when you went home. But many businesses starting out online do the virtual equivalent.

The overwhelming majority of these new SMEs will be part of, or at the very least dependent on, the digital economy: relying on technology and online connectivity for communicating with staff, finding suppliers, employees, customers and partners, and for sales.

In fact, the same is true of most existing businesses too. When the Government asked everyone who could do so to work from home, it made it clearer than ever how much we all now depend on digital technology. The tremendous opportunity of the device in your hand also presents risks however.

This makes cyber security, for businesses large, small, old and new, more important than ever – something I take a particular interest in as Chair of the Cyber Security All-Party Parliamentary Group. 

The shift to remote working as a result of Covid-19 has seen an increase in the number of attempted cyber-attacks, building on an upward trend that has long been visible. It is a myth that such attacks mainly target large businesses — sometimes smaller companies are the weakest point in a supply chain, and the easiest target. A new report from Vodafone drives this point home – they often lack awareness of the cybersecurity risks they face, the protection they need to mitigate them, and the resources to withstand them.

The Department of Digital, Culture, Media and Sport reports that the average cost of a cyberattack is £3,230. This would be barely an irritation to a FTSE-100 company but is enough to wipe out many small businesses.

In fact, almost a quarter of small businesses in the UK would be incapable of surviving a loss on this scale – the equivalent of 1.3 million SMEs. Another 16 per cent, the equivalent of a million more SMEs, would have to lay off staff if they were faced with this kind of cost. That makes SME cybersecurity not a prosaic issue facing a few journeymen trying their hands at a new business during the pandemic, but rather an issue of national economic resilience. 

This Government has a responsibility to stand up for these smaller enterprises, and to make sure that we are doing all we can to protect them. The Government’s cybersecurity policy is world-leading, and the National Cyber Security Centre does excellent work in this space, but we must continually challenge the status quo – advice and protection will only get us so far. 

It is far easier and quicker for criminals who seek to access and exploit data to innovate online than in the bricks and mortar world. We must recognise that and step up the UK response against such criminality.

As we recover economically from the pandemic, we need to make sure that we properly consider the cybersecurity challenges posed by a dispersed and distributed workforce, especially for SMEs and start-ups. It is in everyone’s interests to have businesses of all sizes, throughout the economy, properly equipped to deal with the opportunities and challenges of a digital world.