Despite misconceptions, it really isn’t just the large companies who pose as a target for cyber-attacks. From start-ups to SME’s, no one is immune to the threat of these breaches. It is estimated that a cyber-attack occurs every 39 seconds, robbing unsuspecting businesses of their data, money and reputation. Don’t let this be your story. We’ve identified the root causes of why businesses still aren’t protected in this ever-changing digital landscape so you can stay informed on how to protect your SME.

 1. Lack of Documentation

Only 24% of micro business have formal documentation policies, a significant decline since 2022. Smaller enterprises may be underestimating or deprioritising the importance of structured cyber security measures.

 2. Remote Work: A Blind Spot

We spoke to Michael, founder of Netmonkeys, who informed us that “Despite the tidal surge in remote working, there hasn't been a corresponding rise in policies covering remote or mobile working.” He said, “this oversight could leave businesses vulnerable, especially in an era where hybrid work models are becoming the norm.”

“Despite the tidal surge in remote working, there hasn’t been a corresponding rise in policies” – Michael Dixon

3. The Gap in Cyber Essentials Certification

While many businesses have implemented the technical controls recommended by the government-endorsed Cyber Essentials scheme, few are getting certified. This gap might be due to a lack of awareness or a conscious choice, but certification can offer an added layer of trust and assurance to clients and stakeholders.

4. The Decline in Cyber Hygiene Post-Pandemic

Data suggests a decline in businesses adhering to the technical controls of the Cyber Essentials scheme since the onset of the COVID-19 pandemic. This trend, predominantly driven by SMEs, underscores the need for continuous vigilance, even as the immediate crisis of the pandemic subsides.

5. Accreditation: More Than Just a Badge

Accreditations like cyber–Essentials Plus, ISO 27001 and PCI DSS are not just badges of honour. They provide structured frameworks for businesses to enhance their cyber security. The fact that larger businesses are more likely to adhere to these standards indicates their value in the broader business ecosystem.

 Our Take

The 2023 findings are a call for SMEs to re-evaluate and reinforce their cyber security strategies. In a world where digital threats are ever-present, proactive measures are the best defence.At NetMonkeys, we're committed to guiding businesses through these cyber-complexities, ensuring that you're not just protected, but also primed for growth in the digital age.

 Contact us to get informed and make sure your business takes the right measures in protecting your data.