1 in 5 SMBs could be put out of business by a cyberattack
Research from VikingCloud finds that a successful cyberattack would force nearly one in five small- and medium-sized businesses to close down.
For nearly a third of SMBs, a cyberattack with relatively small financial impact -- less than $10,000 -- would cause them to shut down, according to the report.
Consequently cybersecurity (48 percent) has emerged as the second highest business concern for SMBs, with inflation/rising costs (67 percent) at the top, and recession/reduced consumer spending (46 percent) also a significant issue.
"SMBs are not always cyber aware. It makes them the lowest hanging fruit for cybercriminals to get a quick pay day," says Kevin Pierce, chief product officer at VikingCloud. "Today, SMB owners recognize how important cybersecurity is, but they're still stretched too thin and lack the resources to develop an effective cyber program. Our latest research shows that cybersecurity is business critical for SMBs -- and a key driver in keeping their doors open or shut for good."
But despite the risks the report highlights a lack of cyber hygiene, 80 percent of respondents recognize they have cyber vulnerabilities, and yet they use easily hackable passwords with a pet's name, a series of numbers, or a family member's name (23 percent), never back up their data (16 percent), and don't require the use of multi-factor authentication (14 percent).
While SMB tech stacks often include the basics like antivirus software (50 percent), network scanning (47 percent), and firewalls (44 percent), few are equipped for modern threats. Endpoint security hasn't been deployed by 29 percent, dark web monitoring (22 percent), and penetration testing (18 percent) are also lacking. In addition, 32 percent lack the budget to hire more cyber staff, and only 15 percent hired an internal IT person or outsourced to a Managed Security Service Provider (MSSP).
Respondents identify AI as a possible savior, with 65 percent of SMBs reporting cybersecurity as the top business function that could be managed more effectively with artificial intelligence. They believe AI will be most useful in identifying threats before they impact business operations (55 percent), flagging phishing emails and texts (49 percent), and offering real-time threat response recommendations (49 percent).
The full report is available on the VikingCloud site.
Image credit: Towifqu/depositphotos.com