A startling new poll of 1,000 small and medium-sized enterprise (SME) owners in the UK has uncovered a looming cybersecurity crisis, with one in five businesses admitting they would be forced to close their doors within three months following a data breach. The research, commissioned by Samsung to launch its Galaxy S26 Ultra Enterprise Edition, highlights that SMEs face a combined estimated annual loss of up to £100,000 due to unbudgeted security fixes and malware recovery efforts.
Alarming Security Gaps and Risky Behaviors
Despite these severe financial risks, the findings reveal widespread complacency and dangerous day-to-day habits among SME owners and employees. A significant 58 percent of respondents connect to free public Wi-Fi networks, with 15 percent accessing sensitive work documents while using these unsecured connections. Furthermore, almost a third (32 percent) of SMEs reported working from coffee shops at least once a week, and 24 percent do so on public transport, increasing vulnerability to cyber threats.
Even though many businesses blame breaches on phishing attacks and lack of staff awareness, 67 percent have not introduced new cybersecurity measures in the past year. Compounding the issue, 45 percent provide no cybersecurity training at all, leaving employees ill-equipped to recognize warning signs of phishing and early malware infections, which exposes businesses to greater risk.
Proactive vs. Reactive Security Approaches
More than a fifth (21 percent) of the businesses polled described their current security strategy as reactive rather than proactive. While owners express awareness of various threats—such as phishing and scam messages (88 percent), malware (84 percent), unauthorised apps (53 percent), rooting or firmware tampering (32 percent), and snooping (29 percent)—their actions often fall short. One in five admitted they would not know if their device had been compromised, and 58 percent download apps or software to work devices without first checking security permissions.
Additional risky practices include nearly one in four (23 percent) leaving a device unlocked and unattended in public, and 31 percent never using a physical privacy screen to protect sensitive data. With three-quarters (74 percent) of SMEs using mobile devices for work, it is concerning that almost half (49 percent) do not prioritize cybersecurity when selecting these devices.
Expert Insights and Technological Solutions
The research was launched alongside a new video featuring Stephen Libby, a former cybersecurity expert and winner of the 2026 Traitors show, who emphasized the critical dangers of weak digital practices in the workplace. Libby stated, "Cyber security breaches are a massive issue for any business, and this traitorous behaviour can especially affect SMEs. A single incident can disrupt operations or even force a business to close. With so much work now happening on phones, it’s crucial that businesses ensure they’re using devices with strong built-in security and privacy protections to keep sensitive information safe."
Annika Bizon from Samsung, which developed the new device with a built-in Privacy Display and government-grade Samsung Knox security, added, "Small and medium businesses are the backbone of our economy, yet they are increasingly targeted by cybercriminals because they often lack enterprise-grade protection. Technology should help level the playing field. By building advanced security directly, we’re helping businesses with the tools to stay proactive and protect sensitive data wherever work happens."
This study serves as a stark warning to UK SMEs, urging them to adopt more robust cybersecurity measures and training to safeguard against potentially devastating breaches that threaten their survival.
