Nearly Half of Business Owners Have Been Victims of Cyberattacks

Nationwide’s annual survey of business owners found that 13 percent said they experienced a cyberattack.

However, that number jumped to 58 percent of owners who identified as victims when shown a list of the following types of attacks — revealing a 45 percent gap and lack of understanding about what constitutes an actual attack.

According to Nationwide’s third annual survey of 1,069 business owners with 1-299 employees, more than 20 percent of cyberattack victims spent at least $50,000 and took longer than six months to recover. But 7 percent spent more than $100,000, and 5 percent took a year or longer to rebuild their reputation and customer trust.

“Cyberattacks are one of the greatest threats to the modern company,” said Mark Berven, president of Property & Casualty for Nationwide. “Business owners are telling us that cybercriminals aren’t just attacking large corporations on Wall Street. They’re also targeting smaller companies on Main Street that often have fewer defense mechanisms in place, less available capital to re-invest in new systems and less name recognition to rebuild a damaged reputation.”

Part of the problem facing a business’ ability to recover from an attack, said Nationwide, is that a majority of owners are not prepared. Most don’t have a cyberattack response plan in place (76 percent), a plan in place to protect employee data (57 percent) or a plan to protect customer data (54 percent). Additionally, the threat continues to grow as more companies are now frequently using new technologies in a potentially unprotected environment, including the Internet of Things (37 percent) and Artificial Intelligence (24 percent).

While the vast majority of business owners said it’s important to establish cybersecurity best practices recommended by the U.S. Small Business Administration, fewer report actually following those best practices that every business owner should consider. Those include:

Protect against viruses, spyware and other malicious code: 85 percent versus 65 percent
Secure your networks: 85 percent versus 58 percent
Make backup copies of important business data and information: 85 percent versus 59 percent
Establish security practices and policies to protect sensitive information: 83 percent versus 50 percent
Control physical access to computers and network components: 81 percent versus 60 percent
Require employees to use strong passwords and to change them often: 80 percent versus 52 percent
Educate employees about cyber threats and hold them accountable: 76 percent versus 42 percent
Protect all pages on public-facing websites, not just the checkout and sign-up pages: 74 percent versus 42 percent
Employ best practices on payment cards: 73 percent versus 47 percent
Create a mobile device action plan: 64 percent versus 26 percent

https://prnmedia.prnewswire.com/news-releases/nationwide-survey-nearly-half-of-business-owners-have-been-victims-of-cyberattacks--but-didnt-know-it-300533137.html?tc=PRNJ_email_html_headlines

https://blog.nationwide.com/news/ten-tips-to-prepare-for-cyberattacks/

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

A head of state needs heart surgery at your facility. High-profile members of a national sports team are getting updated vaccinations. What do you do when you get the call?