mobile phone and laptop

AIM listed businesses at risk of cyber attacks

Latest research on the risks impacting the top 200 AIM listed businesses

Jim Gee, Partner,  National Head of Forensic Services
04/05/2020
mobile phone and laptop

Our latest research undertaken with KYND and University of Portsmouth’s Centre for Counter Fraud Studies found that the vast majority of the top 200 AIM businesses have significant unaddressed cyber risks. Unfortunately, the risks identified are not just limited to the top 200 AIM businesses and are also likely to exist in similar companies. Read our report to consider if you will be similarly affected.

Download the Fraud and cybercrime vulnerabilities on AIM report

The cyber landscape is becoming increasingly complex, particularly now we're seeing increased strain from fraud and cybercrime pressures related to the current COVID-19 pandemic. Fraud and cybercrime is expected to surge over 60% in the coming months. Keeping pace with the evolution of cyber threats is becoming ever more challenging and important. This was evidenced in the report's key findings.

  • 91.5% exposed to email spoofing
  • 47.5% have at least one external internet service exposed, placing them at higher risk of ransomware attack
  • 85% using services with well-known vulnerability to cyber attack
  • 41.5% using vulnerable out of date software
  • 31.5% operating with at least one expired, revoked, or distrusted security certificate
  • 64% companies with at least on domain registered to personal email address.
Complete our form and receive our report.

What actions should you take?

If you are concerned the findings of this research relate to your business, Crowe can provide the independent verification necessary to ensure your firm is protected.

We can help you to:

  • obtain comprehensive insight into your company’s cyber risk exposure
  • address specific vulnerabilities in your externally facing IT infrastructure that could be exploited by hackers
  • identify whether any of your company’s email addresses have been compromised take actions to prevent exploitation of potential cyber risks.
Jim Gee

The findings of the research are stark. We should be clear: cybercrime was increasing rapidly before COVID-19 and we now have a further surge. AIM listed businesses are by no means immune. The basic vulnerabilities uncovered in our research highlight the extent to which these firms are failing to keep pace with the rapidly evolving threat. Companies need to be properly protected so that they can play their part in making the UK economy grow again.


The impact of a significant breach on a listed business can knock sometimes fragile investor confidence. The operational impacts of a breach can result in a loss of service and an inability to deliver goods and services to clients and customers. Valuable management time is lost reacting to cybercrime and this distracts from business objectives.

Jim Gee
Jim Gee
Partner, National Head of Forensic Services
+44 (0)20 7842 7239

Fix the common cyber vulnerabilities to protect your business

Webinar: Thursday 7 May | 09:00 - 09:30

Download Fraud and cybercrime vulnerabilities on AIM report

Please complete the fields to receive the full download of our report

If you would like to discuss the findings of the report and how we can support your business, please contact Jim Gee, Partner, National Head of Forensic Services.

* Text required