A recent study has found that crisis incidents, such as cyber-attacks, extortion, industrial espionage and terrorism, are costing UK SMEs billions of pounds annually. Furthermore, the subsequent downtime following an incident of this nature is putting thousands of businesses at risk of collapse.
In 2018, UK SMEs paid an average of £6,416.50 to deal with crisis incidents, according to the research by insurance broker Gallagher, equating to a combined business cost of £8.8 billion in 2018.
Nearly a quarter of SMEs surveyed said they had been affected by a crisis event last year, equating to 1.4 million across the country – a 5 per cent increase on the previous year. One in six SMEs affected by a crisis spent £10,000 or more to combat crises, with nearly one in 10 paying out in excess of £20,000.
A quarter of SMEs said they would survive for less than a month if they could not trade due a crisis incident, leaving the report to predict that 57,000 UK SMEs could collapse in 2019 as a result of a crisis incident.
Commenting on the findings, Paul Bassett, Managing Director of Crisis Management at Gallagher, says: “Our research illustrates the scale of the challenge facing UK SMEs. When it comes to crises, cyber and IT security clearly represent a “soft underbelly” of businesses that together account for more than 99% of private sector firms. Given that the UK economy is heavily tilted towards services, cyber-attacks and data breaches evidently present a growing and grave threat to small and medium-sized businesses.
“Alongside regularly reviewing their crisis preparedness, response plans and forms of protection, such as insurance, it is critical UK SMEs also assess their ability to survive in the event of a major crisis incident when the risk of serious disruption and protracted recovery process is very real.
“The cost of a crisis is by no means the only consideration. Duration is key — especially with a quarter (23%) of UK SMEs admitting they could survive for less than a month if unable to trade following an incident. For companies with tight margins and limited working capital, even a relatively short-term denial of access to premises or systems paralysis could be a crippling, possibly fatal, blow.
“We urge all businesses to ensure they have the crisis cover and plans in place to strengthen their ability to anticipate, prevent, respond and recover from a major security incident —but also have access to emergency funds, 24/7 crisis response consultants, post-incident counselling and business recovery advice, in order to stay solvent and help them and their people recover quickly.”
Business continuity planning is an essential part of running a robust and successful business.
The frequency of crisis incidences is on the rise and recent events have shown that SMEs should be more aware of how major incidents hitting any part of the supply chain can affect their business, and how they may deal with those events.
IT security and business continuity planning are a collective responsibility and it is essential that SMEs take the necessary steps to protect themselves accordingly.
Our business experts at Beavis Morgan work with many entrepreneurial businesses across a range of sectors, helping them set up and run their own businesses and guiding them through each stage of the process, whilst navigating the challenges and advising them in making the right decisions both now and for the future.
If you would like to find out more about how we can assist you and your business, contact Steve Govey or your usual Beavis Morgan Partner.
Further reading:
SME Adviser Series: Is your business protected against cyber threats?
SMEs must consider supply chain disruption in business continuity plans