SMEs underestimate the impact of cyber-attacks on their reputation

According to the findings of the Small Business Reputation and the Cyber Risk report, despite the vast majority (93%) of small businesses surveyed think about their company’s reputation frequently or all the time, they are not considering how a breach could affect it. In fact, less than a third (29%) of small companies surveyed that have not experienced a breach say the potential damage a cyber breach could cause is an important consideration.

However, 83% consumers surveyed are now concerned about which businesses have access to their data and whether it is safe, and over half (58%) say that a cyber breach would discourage them from using a business in the future. 86% of procurement departments would consider removing a supplier from their roster due to a breach, highlighting that an attack can have serious short and long term implications. 94% of procurement managers say that cyber security standards are important when awarding a project to an SME supplier.

This is reflected by the fact that the majority (89%) of small businesses surveyed who have experienced a breach felt the attack impacted their reputation in some way, with 31% of those having been breached reporting brand damage, 30% reporting a loss of clients and a quarter receiving negative reviews on social media.

One in four (26%) of those surveyed who have experienced a breach have been unable to grow in line with previous expectations, and almost a third (31%) said it took over six months for the business to get back on track. Quality of service is also a risk; those who experienced a cyber breach found it caused customer delays (26%) and impacted the business’ ability to operate (93%).

The vast majority (95%) of small companies surveyed hold data in the IT systems, yet more than a fifth of those surveyed (22%) do not consider it to be commercially sensitive. Even though customer, financial and IP data can be shared with competitors if a company is attacked, just one in five (19%) small businesses said they would be immediately concerned about competitors gaining advantage if they were breached.

The report also reveals that many small businesses (51%) surveyed do not think they will be a target for an attack, despite the majority of consumers worrying about the security of their data, especially in the hands of small businesses.