If you run a small or medium‑sized business, digital trust is now as important as cashflow and customers. 

Growth increasingly depends on whether customers, suppliers and investors believe you can keep systems running and data safe. Cyber is no longer just “an IT thing” – it’s part of the basic infrastructure that lets your business win and retain work.

Dr Ismini Vasileiou summed it up clearly during the East Midlands Cyber Summit: you don’t get local economic growth without digital trust – and you don’t get digital trust without organisational cyber resilience. 

That resilience is what enables you to say “yes” to new technology, bigger contracts and tighter supply‑chain requirements without worrying about potential incidents.

Getting started

The good news is this isn’t about buying every shiny tool and piece of software on the market. It’s about getting the basics right in a way that fits your size and sector. That means:

• Someone senior clearly owning cyber risk – not just following an ‘IT will deal with it’ approach.
• Knowing what systems and data you have, and who can access them.
• Keeping software updated and having reliable backups.
• Training your people in what to do if something looks wrong.
• Having a simple, written plan for how you’d respond to an incident.

When these fundamentals are missing, it results in very familiar SME pain points. These include downtime you can’t afford, lost contracts because you can’t pass a security questionnaire, delayed innovation, higher insurance premiums and damage to reputation that’s hard to repair.

Supporting growth

Many small and mid-sized businesses hit a common barrier. 

They win new work, feel rightly proud, and then face detailed security checks from a larger customer. That’s often the moment it becomes clear that growth is being blocked not by ambition, but by readiness. 

It’s not a lack of concern about security on the part of the SME – they just need a clear, practical route to build resilience one step at a time.

The takeaway for SME leaders who were at the Summit was straightforward:

• Treat cyber resilience as a leadership issue, not something you can fully outsource.
• Focus first on a small set of basics that stop minor incidents turning into crises.
• Make use of local networks and clusters that can connect you to practical help and spread the cost and learning.

Digital trust is becoming an asset in its own right. Build it deliberately, and you’re opening doors to new customers, bigger contracts and more resilient growth.

• This post is part of a series based on content from speakers at the East Midlands Cyber Summit. The Summit was delivered by East Midlands Cyber Security Cluster as part of its CyberGrowth programme.