Five things to know about cyber security and small business 

small business saturday - sign saying thank you for shopping local

Small Business Saturday UK is intended to highlight small business success, and encourage people to shop local and support small businesses in their own communities. Almost every business in the UK is a small business*, so this is a great initiative. We’d encourage you to support small businesses too. 

There’s a 50% chance that you work in a small business. Given that most small businesses are micro, you might well be running a small business. If that’s you, there are some things you should know about protecting your business. 

Cyber security and small businesses 

  1. Cyber-attacks do not only happen to big companies. So, thinking that you are safe because ‘I’m so small that they won’t be interested in me’ is risky. Not only do you almost certainly hold information that might itself be of value to an attacker, that information might help them reach a bigger target—perhaps one of your customers, suppliers or other business partner.  
  1. Cyber-attacks are not usually highly targeted. Some are, of course, but most are random phishing attacks. So, thinking that you are safe because (for example) you blend coffee beans, print car wraps, are a one-man accountancy firm or a day-care centre is also high risk. For instance, suppose your website is running out-of-date software (and therefore could contain security holes). This information is likely to be available in the code. A web search by an attacker for sites with this version of software will come up with a list of websites they can target for attack. They don’t care whether you sell coffee beans or print car wraps.  
  1. Almost every business holds information of value.  If you store any customer information, whether this is information about the general public (perhaps the personal details of the families whose children you look after), or information about businesses that you sell your products or services to, hackers may be interested. There may not be much information, but they can put this together with other small bits of information, to create a database of information that small-scale hackers can sell on the dark web to other, more sophisticated hackers. 
  1. Getting a Cyber Essentials certification helps. Going through the process of strengthening your cyber defences this way really does help. Not only with deflecting attackers, but also with getting cyber insurance if you want it, and, importantly, with winning future business. People like to work with companies that will protect their information. 
  1. Cyber attackers are usually running a small business too. People don’t usually think of hackers as business people, but most are (again, not all—some do it just for fun). They’re usually looking to make as much money as they can for the least amount of effort. So why not make attacking your business as difficult as you can? 

How to strengthen your defences against cyber attack 

The best way to build your defences is to put the fundamentals in place first. If you’re not sure where to start, begin by reading our Foundations series. It covers topics such as backing up your data, understanding phishing risks, protecting your business from malware, and putting strong passwords in place.   

If you want to read more, we recommend the NCSC 10 Steps to Cyber Security, and of course, our own blog posts which cover a range of security topics for you to browse through. 

Once you are ready to act, contact us to find out how we can help. Whether this is with putting those building blocks in place, or helping you get Cyber Essentials certified. Call us on 0113 733 6230, or use our contact form to get in touch

* According to the UK government’s statistics (Business population estimates for the UK and regions 2022: statistical release (HTML) – GOV.UK ( there were 5.47 million small businesses in the UK in 2022, which together account for around 99% of the total business population and for about 47% of employment.