Horizon: News

code through round glasses, orange banner with the title of the blog "4 Major Cyberthreats SMBs Are Facing and What They Can Do About It"

4 Major Cyberthreats SMBs Are Facing and What They Can Do About It

Cybersecurity is a buzzword that gets thrown around often. However, there has never been a time when cyber-attacks have been more widespread throughout the world. Just during the COVID-19 era, there has been a 600% increase in cybersecurity attacks, with the financial sector suffering the largest damages. It is also expected that the total cost for all cybercrime damages totalled over $6 trillion worldwide. While small and medium-sized businesses might think to themselves “well, we’re a small fish in a big pond” or “this will never happen to us because we are too small”, unfortunately, this is not the case. For small businesses, working with a trusted cyber security partner like Horizon Managed Services to assess their security needs is very important as well as essential for a business to run in the age of digital transformation. In this article we will be talking about four major key points that small and medium-sized businesses are facing: The majority of cyber-attacks target small businesses, over half of the small businesses that are victims go out of business within six months of an attack, Cybercrime is on the rise at a drastic rate, and finally, about 75% of small businesses do not have the staff or personnel to address IT security.

The majority of cyber-attacks target small businesses

Surprisingly enough, about 43% of cyber-attacks are made against small businesses; and this number keeps continuing to drastically increase year over year (up from 18% a few years ago). The reasoning for this is mainly since larger businesses have the resources and talent to become more defensive against attacks, making it harder for criminals to infiltrate an environment. In response, criminals are now turning to attacking smaller businesses since usually they do not have the talent or resources to dedicate to cyber security. Mainly, they go after whoever handles the business’s finances in the organization. However, 1 out of 323 emails sent to small businesses are malicious and can make their way to anyone in your organization.

Over half of small businesses that are victims of a cyber-attack go out of business within six months

According to the US National Cyber Alliance, 60% of small businesses that suffer a cyber-attack go out of business within under half a year. Because of this, it’s no surprise that 66% of small businesses are concerned or even extremely concerned about a cyber security risk. It costs an average of $363,365 to a business if a cyber-attack is caused by a compromised employee password alone. That’s not to discount the hidden costs as well associated with a cyber-attack on a small business. 40% of small to medium-sized businesses experienced at least 8 hours of downtime following a cyber-attack. When this happens, essentially nothing in the business gets done and accounts for an additional $1.56 million in losses. To fully recover, small businesses spend an average of $955,429 to restore normal business functions. This doesn’t account for the rest stated above, which is a number that ranges from business to business. However, the true cost of getting back to normal usually far out measures the actual amount of money taken in a cyber-attack.

Cybercrime is on the rise at a drastic rate

The rate at which cyber-attacks are targeted toward small businesses is staggering, to say the least. In the last year alone, cyber-attacks were up by a whopping 424%. This means that breaches grew more than 5 times this year compared to the previous year. It’s easy to assume that cybercriminals are going after large corporations due to the monetary incentives. However, this doesn’t seem to be the case for a few reasons. The first being that only 14% of small businesses rate their ability to mitigate risk as “highly effective”. The second being that almost half (47%) of small businesses don’t have an understanding of how to protect themselves against a cyber-attack. And finally, 54% of small businesses do not have a plan in place for reacting to cyber-attacks.

75% of small businesses do not have the staff or personnel to address IT security

It is expected that the growth in the cybersecurity market to be valued at 14.5% year over year. Growing from $156.4 billion in 2020 to $352.5 billion in 2022. Due to this surge of demand as well as growth within this industry; It is becoming increasingly harder for businesses to find the right person with the right skill set for the job. Even when polled the small businesses that indicated that they were prioritizing cyber security and that they had the budget; 75% of them still indicated that this was a major pain point for them. Unfortunately, this skill set is difficult to come by for employers, not to mention the cost and efforts to retain these types of employees in a highly competitive and lucrative market. Unfortunately, a lot of small businesses do not have the reach or budget for these efforts without the help of a managed provider.

What you can do for your business

Based on the points above, it’s no surprise that businesses are starting to put cyber security at the forefront of their business needs. Below are a few actionable steps that businesses can take themselves to mitigate their risk of a cyber security attack.

94% of detected malware by SMBs is received through email. Within emails, 45% of detected malware was sent through an Office document file to the median small business, while 26% were sent through a Windows App file. Because of this, it’s important to train and keep your employees on high alert for unsolicited emails.  

Industry experts say a small business’s cybersecurity budget should be at least 3% of the company’s total spending. If you are not putting this much into your cyber security budget, then you are likely underspending or completely negating any risk.  

Work with a trusted managed provider to address all your cyber security and IT needs. Typically, these managed providers support your entire IT infrastructure as well as your cyber security. It allows for predictable budgeting, no need for finding and retaining talent, as well as the resources of a fully dedicated team of IT professionals for the cost of one additional new hire in this field.

Click here if you are interested in receiving a full free assessment of your current cyber security as well as your IT environment.

About the Author: 

Mitchell Scarski is a well-experienced and knowledgeable sales professional that leads new client acquisition at Horizon Managed Services. He has an extensive background in sales and marketing as well as earned his degree in Computer Science.



43 Percent of Cyber Attacks Target Small Business

60% of small companies that suffer a cyber attack are out of business within six months.


15 Small Business Cyber Security Statistics That You Need to Know

5 Industries That Top the Hit List of Cyber Criminals in 2017


Cyber Security Statistics: Numbers Small Businesses Need to Know

7 Eye-Opening Cybersecurity Statistics Every Small Business Needs to Know in 2019

Cybercrime survey reveals SMB owners are unaware and unprepared

How Much Should Your Company Invest in Cybersecurity?

119 Impressive Cybersecurity Statistics: 2021/2022 Data & Market Analysis – Financesonline.com