If you don’t or are wondering, let me give you a little industry insight: Cybersecurity is a buzzword that gets thrown around often. Applying for a new credit card – I bet you see the word Cybersecurity within the application somewhere. Have you gone shopping online, I bet you will find something relating to Cybersecurity mentioned on the store website? Sometimes they tout the encryption they use for their website. There are countless examples of the usage of ‘Cybersecurity’ to define every day good practices in this industry, but does it really mean you are protected?  After all of that said please understand that there has never been a time when cyber-attacks have been more widespread throughout the world. Regarding only the COVID-19 era, there was a 600% increase in cybersecurity attacks, with the financial sector suffering the largest damages. It is also expected that the total cost for all cybercrime damages totaled over $6 trillion worldwide.

Cybercrime is on the rise at a drastic rate

The rate at which cyber-attacks are targeted toward small businesses is staggering, to say the least. In the last year alone, cyber-attacks were up by a whopping 424%. This means that breaches grew more than 5 times this year compared to the previous year. It’s easy to assume that criminals are going after large corporations due to the monetary incentives. However, this doesn’t seem to be the case for a few reasons. The first being that only 14% of small businesses rate their ability to mitigate risk as “highly effective”. The second being that almost half (47%) of small businesses don’t understand how to protect themselves against a cyber-attack. Even more troubling is that in many cases business owners doe not even know what they have on their network in the first place. Even worse, 54% of small businesses do not have a plan in place for reacting to cyber-attacks.

Many small and medium-sized businesses might think to themselves “well, we’re a small fish in a big pond” or “this will never happen to us because we are too small”, let me tell you it is a fact that this is not the case. Did you know that the majority of cyber-attacks target small businesses, over half of the small businesses that are victims go out of business within six months of an attack, Cybercrime is on the rise at a drastic rate, and finally, about 75% of small businesses do not have the staff or personnel to address IT security.

Surprisingly enough, about 43% of cyber-attacks are made against small businesses; and this number keeps continuing to increase year over year (up from 18% a few years ago). The reasoning for this is mainly since larger businesses have the resources and talent to become more defensive against attacks, making it harder for criminals to infiltrate an environment. In response, criminals are now turning to attacking smaller businesses since usually they do not have the talent or resources to dedicate to cyber security. Mainly, they go after whoever handles the business’s finances in the organization. However, 1 out of 323 emails sent to small businesses are malicious and can make their way to anyone in your organization.

One very sad result of a cyber-attack is that according to the US Nation Cyber Alliance is that over half (60%) of small businesses that are victims of a cyber-attack go out of business within six months. Because of this, it’s no surprise that 66% of small businesses are concerned about a cyber security risk. It costs an average of $363,365 to a business if a cyber-attack is caused by a compromised employee password alone. That’s not to discount the hidden costs as well associated with a cyber-attack on a small business. 40% of small to medium-sized businesses experienced at least 8 hours of downtime following a cyber-attack. When this happens, essentially nothing in the business gets done and accounts for an additional $1.56 million in losses. To fully recover, small businesses spend an average of $955,429 to restore normal business functions. This doesn’t account for the rest stated above, which is a number that ranges from business to business. However, the true cost of getting back to normal usually far out measures the actual amount of money taken in a cyber-attack.


Since 75% of small businesses do not have the staff or personnel to address IT security it is important to understand that expected growth in the cybersecurity market to be valued at 14.5% year over year. Growing from $156.4 billion in 2020 to $352.5 billion in 2022. Due to this surge of demand as well as growth within this industry; It is becoming increasingly harder for businesses to find the right person with the right skill set for the job. Even when polled the small businesses that indicated that they were prioritizing cyber security and that they had the budget; 75% of them still indicated that this was a major pain point for them. Unfortunately, this skill set is difficult to come by for employers, not to mention the cost and efforts to retain these types of employees in a highly competitive and lucrative market. Unfortunately, a lot of small businesses do not have the reach or budget for these efforts without the help of a managed provider.


What you can do for your business? Using the points above, it’s no surprise that businesses are starting to put cyber security at the forefront of their business needs. Below are a few actionable steps that businesses can take themselves to mitigate their risk of a cyber security attack.


  • 94% of detected malware by SMBs is received through email. Within emails, 45% of detected malware was sent through an Office document file to the median small business, while 26% were sent through a Windows App file. Because of this, it’s important to train and keep your employees on high alert for unsolicited emails.


  • Industry experts say a small business’s cybersecurity budget should be at least 3% of the company’s total spending. If you are not putting this much into your cyber security budget, then you are likely underspending or completely negating any risk.


  • Work with a trusted managed provider to address all your cyber security and IT need Typically, these managed providers support your entire IT infrastructure as well as your cyber security. It allows for predictable budgeting, no need for finding and retaining talent, as well as the resources of a fully dedicated team of IT professionals for the cost of one additional new hire in this field.


If you are interested in receiving a free assessment of your current cyber security or your IT environment please feel free to reach out to us and we can assist you in easing the pain points that trouble you about security and networking.