10 Alarming Small Business Cyber Security Statistics, 2019 Edition

28 February 2019 / by Ludovic Levivier

small business cyber security statistics 2019If you're a small business owner, you need to think about cybersecurity: 43% of phishing attacks target small businesses. So if you're a small business owner, you need to start seriously thinking about your security needs

Not convinced you need a change from your current approach? We have this and nine other alarming small business cyber security statistics for 2019 that'll change your mind.

1. Phishing Attacks Target Small Businesses 43% of the Time

This statistic comes to us from Symantec Corporation. In 2015, 43% of these attacks occurred in businesses with 250 employees or less. Compare this to 35% of large enterprises of 2,500 or more employees, and 22% of businesses that are medium-sized.

Since 2011, the number of attacks on small businesses has been steadily increasing, while the number of attacks on large businesses has been decreasing. Small businesses have a smaller number of employees, meaning that each one will likely be targeted more frequently than employees at a larger corporation. Make sure to convey the dangers of spear-phishing attacks to your employees.

2. About 70% of Businesses Perceived an Increased Cybersecurity Risk in 2017

According to the Ponemon Institute, roughly 70% of businesses felt as though their risk to cybersecurity had a significant increase in 2017. Even if you think you have the best cybersecurity practices in place, that doesn't mean you're fully protected. Cybercriminals are developing new strategies all of the time.

3. It Usually Takes 197 Days (>6 Months) for a Company to Detect a Data Breach

The Ponemon Institute also reports this fascinating statistic: the average time it takes a company to detect a data breach is 197 days. And it turns out that companies that were able to detect a breach in less than 30 days saved $1 million as compared to companies that took longer than that. Why so long?

Unfortunately, a lot of these attacks are conducted from within the company. Referred to as "malicious insiders," these individuals do not align with your business's values and instead want to leak information to make a profit. To avoid this, be extremely stringent in your hiring process and look out for any suspicious employee behavior.

4. A Successful Cyber Attack Costs a Company $3.86 Million on Average

It costs a company millions of dollars for each data breach. On average, the cost per stolen record is $148. And these numbers are rising each year steadily.

5. Information Loss Accounts for 43% of Costs from a Cybersecurity Attack

Information loss accounts for almost half of the cost from a cyber attack. They also report that for smaller businesses, most attacks are due to malware, phishing, web-based attacks, stolen devices, and social engineering attacks.

This information loss can include customer information, employee records, trade secrets, or intellectual properties. Additionally, a security breach can have cost you business: I'm sure none of us want to put our information in the hands of Equifax ever again.

6. 91% of the Time, Cyber Attacks Start with Spear Phishing

According to Trend Micro, most cyber attacks begin with a spear phishing attempt. What's spear phishing? It's an email that targets one person in a company and appears to be from a source that can be trusted in an attempt to steal information.

It's similar to phishing and social engineering attacks, but unique in that it's targeted individuals. That makes it much harder to detect than a mass phishing campaign, which will usually set off spam filters as well as attract the attention of your IT staff. Train your staff to be wary of emails asking for personal information, wire money transfers, or login information.

7. Phishing Attacks Victimized 76% of Businesses Last Year

According to Wombat Security, more than 3 out of 4 businesses fell victim to a phishing attack last year. So be sure to train your employees to double check the sender email address and avoid opening any attachments of unclear origins. After all, attachments are the easiest way to infect your company with ransomware.

8. Annual Cybercrime Damage Will Reach an Estimated $6 Trillion by 2021

This unbelievable statistic comes from Herjavec. While 2015 saw a $3 trillion loss due to cybercrime, the annual cost by 2021 is expected to reach over double that amount. Other than information loss, costs include stolen money, disruption to business post-attack, and harm to your business's reputation.

9. The United States Is the Number One Target for Cyber Attacks

The United States is the most targeted country for cyber attacks. And by 2023, it's expected to be responsible for half of the world's data breaches in 2023. Currently, it sits at 38% of targeted attacks.

The next closest country, India, doesn't even come close at 17% of all targeted attacks. 

10. In 2019, It's Estimated a Ransomware Attack on Businesses Will Occur Every 14 Seconds

Ransomware attacks will take place at an unprecedented rate of once every 14 seconds, up from once every 40 seconds in 2016. And this is only referring to business-wide attacks — ransomware attacks targeting individuals occur much more frequently.

Ransomware is a program that prevents a computer from being accessed until a "ransom" is paid to an anonymous server, who will then unlock the computer. Because small businesses are quickly becoming a popular ransomware target, make sure you take every possible precaution against it.

Having to pay a large sum of money to unlock your business's data is a huge hit on your bottom line. Additionally, since your data was accessed by an outside party, you have no idea if your information is protected or not. Finally, several businesses that pay the ransom don't even get their data back.

Small Business Cyber Security Statistics 2019: Now You Know!

Now that you've learned the most important small business cyber security statistics 2019, you'll probably want to boost your security. Make sure your software and antivirus programs are up to date, ensure your employees have the proper training to avoid targeted attacks and make sure your IT department is actively working to prevent data breaches.

If you're interested in the higher level of security that Linc Project can provide, contact us to learn more about what we can offer you. Our goal is to keep your data safe.

checkArticle Approved
How Outsourced IT Services Can Save Your Business Loads of Money

Why are smart businesses turning to outsourced IT services? It's not just about cybersecurity. There are cost benefits

searchTarget Keywords: outsourced it services

Next Steps

This article has been approved and all writing work is complete. The 

Topics: security

New call-to-action