Are small businesses prepared to defend against cyberattacks?

Image from Unsplash

When small businesses are targeted by cyberattacks, they may have fewer resources to respond than large enterprise counterparts. Although federal aid aims to help small business owners up their cybersecurity posture, a recent security survey shows small businesses are not prepared to recover if a cyberattack occurs.

According to a survey from Nationwide Agency Forward and conducted by Edelman Data & Intelligence, most small business owners underestimate how damaging a cyberattack could be for their company. Cyber risk insurance — which helps protect and offset against the impacts of an attack — is also not on their radar. Less than three in 10 small business owners report having cyber coverage, compared to 71% of middle market businesses.

The survey, which asked 400 small business owners, 401 middle market business owners, and 430 agents about cybersecurity practices and cyber insurance, found that 48% of small business owners feel ready to prevent a cyberattack on their business, compared to 83% of middle market business owners — and a gap in cybersecurity training measures could be a factor.

In fact, small business owners are less likely to be taking the following cybersecurity precautions with their employees: 56% of small business owners report offering cybersecurity training at least once a year, compared to 94% of their middle market counterparts. Additionally, 24% send regular phishing test emails to employees, compared to 65% of middle market business owners.

The impact on their small business’s reputation could be another blind spot for small business owners. Eight in 10 are confident their business would retain its customers and reputation after an attack. Cyberattacks are top-of-mind for consumers today, and 76% say they’d stop doing business with the company responsible for a breach that impacted them. One in 10 small business owners say they’ve experienced a cyberattack in the past. Of those, more than half say the attack impacted or jeopardized their business’s finances and customer trust.

For more report findings, click here.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.