Share with your friends

Small Business Reputation & The Cyber Risk

Small Business Reputation & The Cyber Risk

UK small businesses are underestimating the impact a cyber attack could have on their reputation and must take steps to protect it, according to the findings of the Small Business Reputation and the Cyber Risk report, by the Government’s Cyber Streetwise campaign and KPMG.

Paul Taylor

Partner, Cyber Security in Financial Services

KPMG in the UK


Also on

Cyber Streetwise

In the past few years there has been a rapid expansion in the development and adoption of new communications technologies which continue to transform Government, business and the ways in which we interact with each other. Cyber crime undermines confidence in our communications technology and online economy. There were an estimated 5.1m incidents of fraud and 2.5m incidents falling under the Computer Misuse Act recorded last year (ONS, 2015)1. Add in recent high profile hacking cases and the issue of cyber security is now more important than ever.

But is it front of mind for small businesses? Cyber Streetwise and KPMG surveyed 1,000 small businesses and 1,000 consumers across the UK to assess how small businesses feel about cyber security, how they are protecting themselves and the impact of a cyber breach on their reputation.

KPMG Cyberstreetwise

Key findings:

  • Cyber security was cited as one of the top concerns by less than a quarter of small businesses (23%), yet it is fast becoming the only way to do business:
    • 83% of consumers surveyed are concerned about which businesses have access to their data and 58% said that a breach would discourage them from using a business in the future.
    • Recently published KPMG Supply Chain research supports this2; 94% of procurement managers say that cyber security standards are important when awarding a project to an SME supplier and 86% would consider removing a supplier from their roster due to a breach. 

  • UK small businesses value their reputation as one of their key assets. Yet they are hugely underestimating the likelihood of a cyber breach happening to them and its long term impact:
    • 60% of small businesses surveyed have experienced a cyber breach, but only 29% of those who haven’t experienced a breach cited potential reputational damage as an ‘important’ consideration. 

  • The impact of a cyber breach can be huge and long lasting. 89% of the small businesses surveyed who have experienced a breach said it impacted on their reputation.  Those who experienced a breach said the attack led to:
    • Brand damage (31%)
    • Loss of clients (30%)
    • Ability to win new business (29%)

  • Quality of service is also a risk. Those surveyed who experienced a cyber breach found it caused customer delays (26%) and impacted the business’ ability to operate (93%).        
[1] These are results from an ONS field trial, carried out for the first time in 2015, of new survey questions on fraud and cyber-crime as
part of the Crime Survey for England and Wales. It should be noted that these capture incidents which may not meet the threshold of a crime under the Home Office Counting Rules.
[2] SME Supply Chain, KPMG, 2015

© 2021 KPMG LLP a UK limited liability partnership and a member firm of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organisation please visit

This article represents the views of the author only, and does not necessarily represent the views or professional advice of KPMG in the UK.

Connect with us


Want to do business with KPMG?


loading image Request for proposal

Save, Curate and Share

Save what resonates, curate a library of information, and share content with your network of contacts.

Sign up today