5 Things You Need To Know About Cyber Attacks On Small Businesses

Tom Quinn |
Tom (he/him) is a growth marketing manager at Snagajob helping small businesses find hourly workers.

The trouble is, even if small business owners know that cyber attacks are a threat, most don’t think it’s anything they should worry about. It’s exactly this thinking that is leading an increasing number of small businesses to fall prey to costly data breaches, phishing scams, and malware. It’s time that small business owners learn a thing or two about the shady world of cybercrime.


1. One in five small businesses has been the victim of cybercrime

In a study commissioned by the cybersecurity company BullGuard, 60% of business owners thought that their business wouldn’t be a target for cybercriminals. In reality, 18% of the businesses surveyed had been the victim of cyber attacks within the past year.


That number is even higher in a study by the Ponemon Institute. They found that 72% of businesses surveyed had experienced a cyber attack at one time or another. All of this means not only that small businesses are a target, but that the majority underestimate the danger they might be in.


2. Nearly half of small businesses don’t have a cybersecurity defense plan

Considering how many businesses don’t think they’re at risk, it’s not surprising that a large percentage have no defense strategy against cyber attacks. The Bullguard study revealed that 43% of businesses surveyed left their data–including finances, customer information, and business data–largely unprotected.


For those that do have a plan, the majority manage their cybersecurity in-house, though the data suggests that strategy might not be very effective. Half of the small business owners said their staff had received no cybersecurity training whatsoever, and less than 10% even had a dedicated staff member to manage IT.


3. Phishing is the most common form of cyber attack

When it comes to defending against cybercrime, half the battle is knowing what to look out for. In the Ponemon Institute study, the most common form of cyber attacks on small businesses between 2017 and 2019 was phishing – spam emails from attackers claiming to be someone they’re not in order to steal data. This was followed by closely web-based attacks, then by general malware.


4. Cybercrime can cost, a lot

Sadly, businesses in the study who didn’t protect their data had to pay dearly. According to the BullGuard study, half of those businesses that had been victims of cybercrime claimed it took 24 hours or longer to recover from an attack, and a quarter said they had to spend $10,000 or more to resolve the issue. This can be a devastating amount for a small business, so it’s no wonder that 25% of respondents said they lost their business as a result of a cyber-attack.


5. There are lots of ways to prevent cybercrime

Thankfully, there are many ways to prevent your business from falling prey to cyber criminals. Some of the simplest first steps are to learn more about the risks out there and to train your staff in how best to avoid them. The Small Business Association has a fact sheet on cybersecurity., including common threats, and resources to assess how safe your business currently is.


If there’s one piece of advice that always applies, it’s to be careful what you read on the internet. Keep a skeptical voice in your head when it comes to opening emails, following links, phone conversations, and social media. If anything seems in any way out of the ordinary, disconnect straight away. Being extra cautious never hurt anyone, and you might just save your business.