Business owners face a host of risks, so you need to prepare for the worst.
Any company can run into trouble, whether it’s being unprepared for new legislation or coming under attack from cyber criminals. We asked the experts how to deal with the seven most common issues a business is likely to face – and the best way to deal with them.
Threat 1: failing to keep up with technological change
The latest technological developments can present great opportunities to businesses, but a failure to stay abreast of changes can equally be a big threat, says Carl Reader, author of The Start Up Coach and co-owner at accountancy firm Dennis & Turnbull. “Technology is racing forward, and it’s important that you and your business stay up to date to ensure your customer experience is as good as possible. Inaccuracies and inefficiencies all impact the customer experience negatively, so take advantage of technology to improve your service.”
Reader says one of the biggest issues he sees is outdated or paper-based stock systems, and especially outdated payment methods. “We’re now at the point where people can simply pay with a swipe of their phone, so why are some businesses still not even accepting cards and insisting on cash or cheques? Getting rid of all and any unnecessary barriers for your customers should be a priority.”
Threat 2: the potential outcome of Brexit negotiations
“Brexit might continue to be the elephant in the room for many, but the possible consequences are huge,” says Ashan Arif, SME adviser and partner at law firm Clarkslegal. He recommends businesses think about how they might be affected by any shortage of skilled workers that could arise.
“Put a recruitment and training plan in play for the medium-term now. Also, if you’re an exporter, ask whether you’re heavily EU-reliant. If so, how about looking for new markets now?”
Threat 3: a brain drain
“Losing critical employees has got to be one of the most stressful obstacles for business owners and SMEs to overcome,” says Marianne Page, author of business guide Simple, Logical, Repeatable. “Sometimes it can’t be helped, but if they’re leaving for the wrong reasons, it’s time to do something about it.”
Page says that if key staff are quitting without giving a clear reason, it could be beneficial to look at your feedback systems. “Create open lines of communication in your business and listen to your team’s comments and suggestions. The willingness to listen to your team, to allow them to contribute and to trust them, is priceless and will reap the rewards of loyalty and commitment.”
Threat 4: password weakness
The fact that more than 80% of data breaches were the result of stolen or weak credentials shows passwords alone are not enough to protect businesses against cyber attacks, says Richard Walters, chief security strategist at CensorNet, a cloud-security company.
“Often, it boils down to users repurposing the same passwords across multiple personal and business applications or accounts,” Walters explains. “It might be easier for you to remember fewer codes, but if your LinkedIn password is exactly the same as what you use for business apps, you’re making a hacker’s job less complex and those apps far more vulnerable.”
Walters advises firms to introduce multi-factor authentication to reduce these risks. “This uses a number of variables such as location and IP address to validate users, and it needs to play a prevalent role in any SME security strategy. SMEs cannot afford to leave their front doors wide open to hackers.”
Threat 5: new regulations
Red tape is a perennial problem for small firms, and there are a number of new or recent laws that are likely to affect businesses in 2018, says Arif.
“For example, the General Data Protection Regulation (GDPR) will come into force automatically in the UK from 25 May 2018 and will significantly overhaul and modernise data protection rules, imposing much more stringent requirements on any businesses using or processing individuals’ personal data,” he says.
“The pensions auto-enrolment regime will apply to all businesses from February, and the government is already consulting on lowering age limits and the salary threshold. And there are frequent changes in employee rights, tax treatment of contractors and so on, all of which can disproportionately affect SMEs.”
Arif recommends business owners be “proactive and ready” rather than “reactive and at risk”. He says: “Many government websites, for example, the Information Commissioner’s Office, provide good guidance to businesses. Consider also seeking specialist professional advice for areas of real concern.”
Threat 6: failing to look outside the business
Failing to stay abreast of changes in the market can lead to a loss of any competitive advantage you have managed to create, says Reader. “The business world is changing at an ever-increasing pace, and customers, quite rightly, expect more than ever before,” he says.
“Expectations, markets and situations change, and so should your business. Shake off previous mindsets, ignore how things used to be done, and keep your finger on the pulse to find out what’s going on beyond your bubble. Staying on top of advances means your business won’t get left behind in your competitors’ dust, and that you can give your customers what they want, earlier.”
Threat 7: your cyber-security strategy is focusing on the wrong risks
CensorNet’s Walters warns that, too often, smaller businesses concentrate their cyber security efforts on protecting themselves against what are known as ‘zero-day’ attacks – breaches that exploit hitherto unknown weaknesses in software systems.
However, he says the most high-profile cyber attacks that took place in 2017 – including the WannaCry breach, which had a significant impact on the NHS – were the result of criminals exploiting system failings that software providers were already aware of. “This proves that patching systems and updating networks is actually the most important aspect of any security strategy,” Walters says. “SMEs need to forget about layering expensive security solutions to protect against zero-day attacks. They account for less than 0.1% of all attacks, and it’s highly unlikely you’ll be a target. Focus on the basics first.”