Many small and medium-sized businesses in the UK would rather risk customer data than their own growth, despite a cybersecurity incident posing a significant threat.
In a new report from cybersecurity specialists Defense.com, cost, as well as confirmation bias, were found to play a major role in the cybersecurity decision-making process.
According to the report, almost a quarter (24%) of SMBs spend nothing on cybersecurity, with an additional quarter spending less than $1,300 a year.
- These are the best database software (opens in new tab) solutions out there, right now
- Check out the best data loss prevention services (opens in new tab) today
- Here are the best data loss recovery services (opens in new tab) on the market
The main reason why they decide not to prioritize investment in cybersecurity defenses is confirmation bias - a third (34%) believe they’re too small to be targeted, and an additional fifth (19%) believe their business data isn’t an interesting target for criminals.
The second key reason is cost - for 25% of small businesses, it’s simply too expensive to set up a strong cybersecurity solution.
Pandemic a poor motivator
Even the pandemic, during which the number of businesses falling foul of a data breach grew exponentially, did not prove the case for investment, for many SMBs. More than a third (35%) believe the pandemic increased their exposure to risk in the cyber-realm, yet 40% were not prompted by it, to invest further.
The pandemic has forced businesses to decentralize the workforce and send their employees to work from home. Many of those employees were thrown into a remote-working environment for the first time, struggling to find their way around. Cybercriminals took advantage of the fact, targeting dazed and confused remote workers with unprecedented effort.
In fact, a recent Canalys report stated that there had been more files hacked in 2020 than the previous 15 years combined.
The pandemic drove many firms out of business, while others only ensured their survival by implementing stringent measures, which usually involved curtailing the cybersecurity budget, the report said. This exposed businesses to attacks by organized threat actors as well as opportunistic hackers.
- Here’s our rundown of the best endpoint protection software (opens in new tab) out there