Site icon AdvisorSmith

Report: Cyberattacks Affected 42% of Small Businesses in Past Year

Small Business Cybercrime Statistics

Ransomware and cyberattacks have seen a significant increase in frequency and severity in the last few years, supercharged in part by the workforce moving to a largely remote model during the pandemic. As businesses depend more on technology infrastructure and cloud operations, the vulnerabilities of these systems are being exploited by cybercriminals. While cyberattacks reported in the media mainly focus on large corporations, the reality is small businesses, with fewer resources and less technical expertise, are often seen as easy targets for cyberattacks.

AdvisorSmith conducted a survey of 1,122 small business owners and managers to understand their experiences with cyberattacks and how their businesses are preparing for cyber threats. 

42% of small businesses experienced a cyberattack in the last year

Nearly half (41.8%) of all small businesses were the victim of a cyberattack in the last 12 months, according to our survey. The following is a breakdown of the types of cyberattacks that these small businesses suffered:

69% of small businesses are concerned about being the victim of a cyberattack

Our survey showed that overall, 69.2% of small business owners were concerned about being the victim of a cyberattack in the next 12 months, with 24.9% saying they were “very concerned,” 44.3% saying they were “somewhat concerned,” and 30.8% saying they were “not concerned at all.”

Younger business owners 1.8x more likely to be concerned about cyber threats

Interestingly, an active concern about cyber threats skewed younger, with 31.2% of those business owners aged 18-29 saying they were “very concerned,” compared to only 17.1% of those aged over 60, 23.3% of those between ages 45-60, and 24.3% of those between ages 30-44. The same trend was seen for those who said they were “not concerned at all,” with 34.2% of those 60 and older not having any concerns about cyber threats, compared to only 23% of those aged between 18-29.

AgeVery concernedSomewhat concernedNot concerned at all
18-2931.15%45.90%22.95%
30-4424.28%41.87%33.85%
45-6023.30%43.20%33.50%
61+17.09%48.73%34.18%

This trend may prove beneficial for cybercriminals, as oftentimes, it is the older generation that is actually targeted more heavily for fraud and identity theft because they may be less technically savvy than younger individuals.

72% of small businesses have implemented cybersecurity precautions

A majority (72.0%) of small business owners and managers have prepared in some way for the threat of a cyberattack. While this seems like a promising step, there is still 28% of respondents that have not implemented any form of cybersecurity protocols. Even a few basic cybersecurity measures can make a big difference in helping your business ward off cyberattacks and data breaches.

The following is a breakdown of the types of cybersecurity preparations small businesses have taken:

1 in 2 small businesses have or plan on purchasing cyber insurance

While there is no silver bullet to protecting your business from cyber threats, and no business can ever be 100% fully protected, small businesses are increasingly purchasing the financial protection of cyber insurance, which can cover your business against liability and property losses caused by cyberattacks.

In our survey, 23% of respondents indicated that they planned on purchasing cyber insurance in the next 12 months, 12.8% already had cyber insurance, and 17.9% had cyber insurance and were planning on increasing their coverage in the next 12 months. On the flip side, 46.3% of respondents did not have cyber insurance and had no plans of purchasing the coverage.

Younger business owners 3x more likely to purchase cyber insurance

While overall, roughly half of small business owners had or were planning on purchasing cyber insurance in the next 12 months, the distribution skewed very much toward younger business owners, who were far more likely to secure cyber coverage.

Seventy-five percent (75.7%) of those business owners between the ages of 18-29 indicated they already had cyber insurance or were looking to purchase, while only 28.5% of those over the age of 60 said the same. Forty-three percent (43.2%) of those between ages 45-60 and 52.3% of those between ages 30-44 had or were planning on purchasing cyber insurance.

AgePlan on purchasing cyber insuranceHave cyber insuranceHave cyber insurance, plan to increase coverageNo cyber insurance, no plans to purchase
18-2931.80%15.08%28.85%24.26%
30-4423.61%10.47%18.26%47.66%
45-6020.87%12.62%9.71%56.80%
61+6.96%15.19%6.33%71.52%

Protecting Your Small Business Against Cyberattacks

For small businesses, just one cyberattack could mean losses and damages that are irrecoverable. To combat the threat of a cyberattack, consider taking these simple actions to beef up your cybersecurity:

Methodology

AdvisorSmith surveyed 1,122 people who own or manage a small-to-medium business in the U.S., in conjunction with Momentive.ai. This survey was conducted in October 2021. The margin of error for this survey was less than or equal to 3%. 

Forty-eight percent of respondents were male, and 52% of respondents were female. In terms of age, 27.3% of respondents were between the ages of 18-29, 40.2% were between 30-44, 18.4% were between 45-60, and 14.1% were over 60.

The industry breakdown of respondents is as follows: Advertising and Marketing (8.9%), Agriculture (5.2%); Airlines & Aerospace (2.1%); Automotive (3.6%); Business Support & Logistics (6.0%); Construction, Machinery, and Homes (6.2%); Education (9.4%); Entertainment & Leisure (5.1%); Finance & Financial Services (4.6%); Food & Beverages (4.8%); Government (2.9%); Healthcare & Pharmaceuticals (10.2%); Insurance (1.0%); Manufacturing (3.1%); Nonprofit (4.2%); Retail & Consumer Durables (9.5%); Real Estate (4.2%); Telecommunications, Technology, Internet & Electronics (5.5%); Transportation & Delivery (1.9%); and Utilities, Energy, and Extraction (1.5%).

Expert Commentary

AdvisorSmith spoke with the following experts to provide critical insight on cyber risk for small business owners.

Paul Rohmeyer

  • Adjunct Professor
  • Stevens Institute of Technology
Paul's Answers

Darryl Togashi

  • Director of Cybersecurity Program
  • Indiana Tech
Darryl's Answers

Raymond Albert

  • Professor of Practice and Director, Cybersecurity Program
  • Assumption University
Raymond's Answers

Ahmed Banafa

  • Adjunct Professor, College of Engineering
  • San Jose State University
Ahmed's Answers

Q. Should small businesses be concerned about cyber risk?

Q. How can a business effectively organize and manage cyber risk?

Q. Where do you see the cyber insurance market trending, and what are the main insurability challenges?

Exit mobile version