1 in 4 SMEs fear remote work security risks: UK study

LONDON, UNITED KINGDOM — A recent survey conducted by small business insurer Markel Direct reveals that nearly one in four small and medium-sized enterprises (SMEs) are increasingly worried about securing remote work environments.
The study, which gathered insights from 500 SME owners, highlights that 23% view safeguarding remote operations as a pressing cybersecurity challenge. While remote work ranks as a top concern, a more alarming issue stands out: 62% of SMEs expressed that the growing sophistication of cyber-attacks poses their greatest threat.
Current security landscape
While 52% of SMEs utilize VPN access for remote workers, and 48% provide training on secure remote work practices, vulnerability remains. The majority of businesses have invested in basic protection, with 72% using antivirus software and 69% maintaining regular system updates. However, a troubling 43% of companies fail to train their employees on cybersecurity best practices.
Gaps in preparedness and policy
Nearly half of the surveyed SMEs admitted they would be uncertain how to respond to a cyber-attack, while 69% operate without a formal cybersecurity policy. Experts note that such a policy can be vital in minimizing damage from cyber incidents and creating a structured response plan.
Perhaps most concerning is that 53% of businesses lack cyber insurance coverage, leaving them exposed to potential financial losses.
“Staying ahead of cyber threats is crucial for small business owners, especially as AI-driven attacks continue to evolve,” said Rob Rees, divisional director of Markel Direct.
“Having a robust cyber security policy in place can help create a framework to safeguard against ongoing threats, whilst cyber insurance can help to protect your business in the event of a targeted attack.”
As businesses continue to adapt to hybrid work models, the need for comprehensive cybersecurity measures becomes increasingly critical. The study suggests that while SMEs are taking some steps toward protection, many still lack the fundamental security infrastructure needed to defend against modern cyber threats.