When it comes to headline-making cybersecurity incidents, it’s usually large companies that get the most press. However, small businesses are even more frequently targeted by attacks, with 43% of all data breaches targeting small businesses.
Read on for 23 small business cybersecurity statistics to keep in mind.
1. Small Businesses Are the Target of 43% of All Data Breaches
As mentioned above, many people assume that large corporations would be a primary target for cyberattacks. However, enterprises typically have solid cybersecurity protections in place, making them harder to infiltrate.
Comparatively, gaining entry into small business systems is often a breeze. As a result, they’re the number one target for cybercriminals, representing 43% of all data breaches in 2019.
2. 61% of SMBs Experienced a Cyberattack During the Last Year
Among small to medium-sized businesses (SMBs), a full 61% experienced a cyberattack during the past year. While not all attacks were successful or damaging, it shows how prolific the issue is in the small business landscape.
3. Data Breaches Cost SMBs an Average of Nearly $3 Million Per Incident
Generally, any business with fewer than 500 employees qualifies as an SMB. Among companies of that size, the average cost of a data breach is close to $3 million per incident.
4. 60% of Small Businesses Go Out of Business Within 6 Months After a Cyberattack
Cyberattacks aren’t just inconvenient for small businesses; they’re costly, catastrophic events that can completely derail the company. Overall, within six months of an attack, 60% of small businesses that fell victim to attackers shutter their doors for good.
[Source: Business Australia]
5. 25% of Small Business Owners That Experienced an Attack Lost Business
Among small businesses that fell victim to cybercriminals, 25% lost business because of the attack. This can be due to downtime leading to a missed opportunity, customers becoming wary about using a company they view as less secure, or any other reason.
6. Malware Is the Most Common Threat, Comprising 18% of Attacks on SMBs
When it comes to cybersecurity threats, small businesses deal with malware most often. Overall, 18% of small businesses that experienced an attack have been victims of malware.
In second place is phishing, with 17% of small businesses that experienced hacks being targeted using this vector. Data breaches came in third with 16%, while DDoS occurred for 12%, and 10% were targeted with malware.
[Source: Tech Republic]
7. 51% of Small Business Owners Pay the Money When Hit with Ransomware
Among small businesses that were targeted and infected by ransomware, 51% chose to pay the ransom. Twenty-four percent even covered the cost out of pocket. The other 27% used cyber insurance to handle the expense.
8. 88% of Small Business Owners Feel They’re Vulnerable to an Attack
Overall, the vast majority of small business owners know that they are potential targets. However, paying for professional IT services is out of reach for many. Additionally, most owners don’t know where to start when it comes to shoring up their cybersecurity or feel they don’t have the time to figure it out.
Since not all small business owners can or will take precautions to keep their systems secure, it’s not a surprise that the vast majority think they’re at risk. Overall, 88% of small business owners feel they’re vulnerable to an attack.
[Source: Small Business Administration]
9. 47% of Small Businesses with Fewer Than 50 Employees Have No Cybersecurity Budget
A startling 47% of businesses with 50 or fewer employees, have no cybersecurity budget whatsover. Of those that do, only a small number have a dedicated cybersecurity budget, separate from IT spending. All told, only 8% of small businesses have a formal, dedicated budget to ward off cyberattacks.
[Source: Corvus Insurance]
10. 56% of Small Business Owners Aren’t Worried About Being Hacked in the Next 12 Months
While small business owners may realize that their vulnerable to a cybersecurity attack, that doesn’t mean they assume one is on the horizon. A full 56% of small business owners aren’t concerned about being hacked over the next 12 months. In fact, 24% weren’t worried at all.
11. Nearly 60% of Small Business Owners Are Confident They Can Resolve a Cybersecurity Attack
While many small business owners don’t have formal cybersecurity budgets and aren’t able to take every precaution, the vast majority seem to assume that isn’t an issue. Fifty-nine percent are confident that they can quickly resolve a cybersecurity attack should one occur.
12. 42% of Small Business Owners Have No Cyberattack Response Plan
Among small business owners, 42% don’t have any plan in place to respond to a cyberattack. Another 11% aren’t sure whether there’s a plan in place, indicating they could experience issues should an attack occur.
13. 40% of Attacked Small Businesses Lost Critical Data
Among small businesses that fell victim to a cyberattack, 40% lost critical data during the event.
14. Just 26% of Small Business Owners Have Cyberattack Insurance
Cyberattack insurance is a classic form of protection against an attack, decreasing the financial hardship hackers can cause. However, just 26% of small business owners invest in this protection.
15. 22% of Small Business Owners Increased Their Cybersecurity Spending This Year
Year over year, 22% of small business owners increase their cybersecurity budgets to protect themselves against threats. Another 67% kept their spending levels the same. Overall, the remaining 11% either weren’t sure if their spending had changed or reduced the amount they dedicated to cybersecurity.
16. 76% of Small Business Owners Think Disclosing a Hack Should Be Required
Generally, small business owners feel that customers have a right to know if a company they use was hacked. In fact, 76% of small business owners think such disclosures should be mandatory.
17. 43% of Cyberattacks Target Small Businesses
Small businesses are targeted by cybercriminals far more than most would expect. Overall, 43% of cyberattacks aim at small businesses.
18. 40% of Small Businesses That Fell Victim to a Cyberattack Experienced 8+ Hours of Downtime
The impacts of a cyberattack are often multifold. However, when it comes to downtime specifically, 40% of small businesses that were targeted by an attack were down for at least eight hours.
19. 50% of Small Business That Were Successfully Attacked Took 24+ Hours to Recover
Recovering from an incident and being able to resume business as normal isn’t usually a fast process following an attack. Overall, half of all small business owners said it took at least 24 hours to resume operations.
20. 52% of SMBs Don’t Have Dedicated Cybersecurity IT Employees
Among SMBs, 52% spread cybersecurity responsibilities across roles instead of having dedicated cybersecurity team members on staff. Those responsibilities may shift to other tech professionals, some of which may have limited knowledge of cybersecurity beyond their niche, while others may tap other employees outside of IT.
21. Just 22% of Small Businesses Encrypt Their Data
Often, encryption is considered a basic protection against an attack, ensuring that even if a system is breached, the data isn’t easily readable. However, just 22% of small businesses actually encrypt their databases.
22. One-in-Five Small Businesses Use No Endpoint Security
Endpoint security is critical for ensuring desktops, laptops, smartphones, and similar devices are protected on a basic level. However, a startling one-in-five small businesses don’t use endpoint security of any kind.
23. One-Third of Small Businesses Rely on Free, Consumer-Oriented Cybersecurity Solutions
While businesses benefit from more robust security mechanisms, not all small businesses go with paid-for, business-grade services. Instead, one-third rely on free, consumer-grade antivirus, antimalware, and similar products.
3 thoughts on “23 Small Business Cybersecurity Statistics – 2022”
I have dedicated my time to do these although am not supposed to be doing but the laudable job Henry did for me worth more than what i paid for,l have never dream of getting my husband phone call details and receiving his whatsapp and text messages(not even anytime soon).The day i started receiving all his messages that was the day l promised to come back to where l saw recommendation about him and join the good people to spread and share my experience. Married women pls contact him via email: Henryclarkethicalhacker@gmail.com and you can text, call him on whatsapp him on +12014305865, or +17736092741, and be saved from the bondage subjected by those selfish men.
Contact him for any type of hacking, he is a professional hacker that specializes in exposing cheating spouses, and every other hacking related issues. he is a cyber guru, he helps catch cheating spouses by hacking their communications like call, Facebook, text, emails, Skype, whats-app and many more. I have used this service before and he did a very good job, he gave me every proof I needed to know that my fiancee was cheating. You can contact him on his email to help you catch your cheating spouse, or for any other hacking related problems, like hacking websites, bank statement, grades and many more. he will definitely help you, he has helped a lot of people, contact him on, Henryclarkethicalhacker@gmail.com, and you can Text/Call &WhatsApp: +1 (773)-609-2741, or +1201-430-5865, and figure out your relationship status. I wish you the best.
I’m excited to write about Henry Hacker, he is a great and brilliant hacker who penetrated my spouse’s phone without a physical installation app. And I was able to access my spouse’s phone, SMS, Whatsapp, Instagram, Facebook, Wechat, Snapchat, Call Logs, Kik, Twitter and all social media. The most amazing thing there is that he restores all phone deleted text messages. And I also have access to everything including the phone gallery without touching the phone.I can see the whole secret of my spouse. Contact him for any hacking service. He is also a genius in repairing Credit Score, increasing school grade, Clear Criminal Record etc. His service is fast. Contact:, Henryclarkethicalhacker@gmail.com and you can text, call him on whatsapp him on +12014305865, or +17736092741..