fbpx

7 Cybersecurity Stats That Every Small Business Should Know in 2021

Small business

If you’re a decision-maker at a small business, the days of casually learning about cybersecurity are over. Data breaches and other hacking incidents were already trending up; then the pandemic changed everything.

The move to remote working shifted the security landscape in ways we’re still trying to calculate. But one thing is certain; hacking incidents are way up--especially for small businesses.

Let’s take a look at some of the more startling statistics that reveal this truth.

7 Eye-Popping Cybersecurity Statistics Regarding Small Businesses

1. Small businesses saw a 424% increase in cyberattacks last year

When we say hackers were busy last year, we weren’t lying. According to Fundera, hacking incidents against small businesses increased five-fold in 2020.

In total, these types of attacks grew 424%. Why would hackers target smaller businesses with less money to pay ransoms? You might be able to guess after reading on.

Check out how easy it is for hackers to infiltrate a company:

Watch this hacker break into a company

2. One-third of small businesses report using free, consumer-grade cybersecurity

While most major corporations are becoming aware of the realities of cyber breaches, many small businesses still have their proverbial heads in the sand.

A 2020 study by BullGuard revealed that a third of businesses with 50 or fewer employees reported using free, consumer-grade cybersecurity to protect themselves. One in five of these companies had no endpoint security at all.

It’s no wonder that hackers have increasingly targeted small businesses. Just like predators in the wild, hackers are targeting the weakest links. And right now, small businesses are the easiest prey.

3. 60% of small businesses think they’re unlikely to be attacked

Despite the massive increase in cyberattacks on SMBs and the devastating costs of experiencing such an attack, most small businesses still think it can’t happen to them.

60% of the small business owners surveyed by BullGuard assumed their companies were an unlikely target of cybercriminals.

Newsflash: cybercriminals don’t care what type of business you run. As long as there is sensitive data to be stolen, they will likely try, at some point, to take it.

4. The average cost of insider-related cyber incidents was $7.68 million

I know. That probably looks like a typo, but it isn’t. According to IBM and the Ponemon Institute’s The Cost of Insider Threats Global Report 2020, the average cost of an insider threat to small organizations (500 employees or less) was $7.68 million.

The biggest insider threat to an organization is negligence, likely caused by a lack of employee training.

IBM
The top causes behind insider threats. | Source: IBM/Ponemon Institute

5. Ransomware is the most common threat to small businesses

Ransomware is the single largest cybersecurity threat to small businesses. And according to Datto’s Global State of the Channel Ransomware Report, it wasn’t even close.

According to the report, 85% of managed service providers (MSPs) concluded that ransomware was the most common threat to small businesses in 2019.

datto
Ransomware is the top threat to small businesses. | Source: Datto

The study revealed that 89% of MSPs were “very concerned” about the threat of ransomware attacks. Sadly, only 28% of their small business clients felt the same way.

6. 60% of companies go out of business six months after a security breach

This should come as no surprise, considering the exorbitant costs of getting hacked. According to the National Cyber Security Alliance, a whopping 60% of companies go out of business within six months after falling victim to a data breach.

This research was done in 2015, so it’s possible the numbers have risen since then.

7. Phishing is the top threat action for 30% of organizations

While ransomware is one of the most common ways to infect a network, phishing is the most common way for hackers to infiltrate a network in the first place.

According to Verizon’s 2020 Data Breach Investigations Report, phishing was the top action in breaches of small organizations (and large, for that matter).

verizon
Phishing was followed by stolen credentials as the top action taken in breaches. | Source: Verizon

Some of the biggest hacks we saw over the last year involved phishing. A Florida teenager managed to tweet a bitcoin scam from celebrity accounts such as Barack Obama and Elon Musk after infiltrating Twitter employees’ accounts via spear phishing.

Three North Korean hackers were recently charged for stealing millions of dollars from banks around the world. They also used spear-phishing techniques.

How to Protect Your Company

Decision-makers at small businesses need to start treating cybersecurity with the gravity it deserves. As we’ve seen, if you wait until you’re attacked, it might be too late.

Luckily, there are steps you can take to help mitigate the risk.

  • Require long, varied passwords for any sensitive accounts
  • Enable two-factor authentication for any sensitive accounts
  • Invest in basic cybersecurity training so employees can avoid common pitfalls such as social engineering
  • Install and regularly update anti-virus software
  • Limit employees’ access to sensitive data
  • Conduct regular vulnerability tests and risk assessments

While these pointers are a helpful start, they’re only the tip of the iceberg. If you really want to prepare your employees, invest in training and a business protection plan.

At hacked.com, we offer comprehensive protection plans that are perfect for small businesses.

Each protection plan comes with a free consultation to help tailor our packages to suit your needs. If you have any questions about your small business’ cybersecurity, contact us at [email protected] or book a free consultation call today.

Featured image by Den Rise from Shutterstock.com

Get Your Digital Protection Plan

With your Digital Protection plan, we will help you immediately if you get hacked, see photos or videos leaked, or if your identity has been misused.

Schedule a free call to secure your business & employees here!

Get Your Personal Digital Security Manager here.

Get Immediate Help here.

Aaron Weaver
Aaron Weaver is the Head of Content for Hacked.com. He has over 15 years of journalism experience. As a tech-savvy editor and researcher, he prides himself on journalistic integrity by providing cutting edge data backed by the latest science.

[email protected]

Phone support: +1 334 625 9990
7AM-7PM CDT weekday, 8AM-3PM CDT Saturday
We are not able to answer all calls.
For a guaranteed response, please use email or schedule a call with us here.




We have been recommended to clients by employees at FBI and local law enforcement in the United States. For references, please send us an email.






         



Read all of our reviews here.