Freely subscribe to our NEWSLETTER

• Severe data breaches could cost small businesses an average of £6,906 per incident - or 7.27% of their company value - research shows.
• A new report reveals the reputational and financial impact of severe and catastrophic data breaches for top companies and social media platforms.
• On top of the cost of a severe data breach, SMEs could stand to lose a further 4% of their annual revenue by breaching new GDPR guidelines.
• There were 5.9 million SMEs in the UK in 2019, accounting for 99% of all businesses and amounting to a collective potential loss of £41.3 billion.
Small businesses in the UK could lose 7.27% of their value - an average of £6,906 - in the event of a severe data breach, new research shows.

The typical data loss for a large company is between 10 and 99 million records per incident, resulting in an average company value drop of 7.27%. This equates to an average potential loss of $32 (£27.2) billion for top Nasdaq 100 companies and $8.8 (£7.4) billion for FTSE 100 businesses.

This loss of value could prove catastrophic for small businesses, with the average SME being worth £95,000 in the UK. With 99% of all businesses being small to medium enterprises, these potential losses could substantially damage the wider business economy.

The amount lost per breach is determined by the time it takes to identify and contain a data breach, with leading tech companies facing potential losses of £14.1 million per day as a result of taking a total 236 days to fully recover from a breach.

With 60% of businesses reported as having experienced a serious security breach in the last two years, it’s crucial that business owners take steps to prioritise data security in order to minimise loss in the event of a substantial breach.

Bill Strain, Product Development Director of iomart comments on the findings: “These figures are a stark warning about the importance of investing in data protection. Many smaller businesses wouldn’t survive the operational impact of a successful cyber-attack, let alone the financial one of a punishing fine on top.

“Looking at your potential risk and knowing where your data is, controlling who has access to it, and making sure it’s secure should be an absolute priority.

“It’s still the case that most cyber-attacks start by exploiting our human vulnerability. By training staff to spot suspicious emails or links you can lock the front door and then use technological solutions to ensure the hackers can’t get in around the back.”

iomart also offers some top tips on how businesses can create an effective defence against such an attack:
• Keep IT systems and software up-to-date
• Store sensitive data separately
• Control users’ access and privileges
• Secure the email gateway
• Do regular off-site backups of your data
• Provide regular security training for all staff