According to a recently released survey from Nationwide Insurance on cybersecurity and small business, being the victim of a cyberattack can be costly to your company both in time and money.
20% | Percentage of cyberattack victims who spent $50,000+ recovering from the cyberattack
7% | Victims who spent more than $100,000 recovering from the cyberattack
“Cyberattacks are some of the greatest threats to the modern company,” said Mark Berven, president of Property & Casualty for Nationwide. “Business owners are telling us that cybercriminals aren’t just attacking large corporations on Wall Street. They’re also targeting smaller companies on Main Street that often have fewer defense mechanisms in place, less available capital to re-invest in new systems and less name recognition to rebuild a damaged reputation.”
Part of the problem facing a business’ ability to recover from an attack is that a majority of owners are not prepared.
76% | The percentage of businesses that don’t have a cyber attack response plan
57% | Don’t have a plan to protect employee data
54% | Don’t have a plan to protect customer data
Good intentions, bad execution
The vast majority of business owners say it’s important to establish cybersecurity best practices. recommended. Unfortunately, far fewer actually establish such practice.
85% | Percentage of small businesses who say it’s important to protect their company’s computers against viruses, spyware and other malicious code
65 % | Percentage of small businesses who actually protect their company’s computers
85% | Say it’s important to secure their company’s computer
58% | Actually secure their company’s computers
85% | Say it’s important to make regular backups of business data and information
59% | Actually make regular backups of business data and information
83% | Say it’s important to establish security practices and policies to protect sensitive information
50% | Actually establish security practices and policies
81% | Say it’s important to control physical access to computers and network components
60% | Actually control physical access to computers and network components
80% | Say it’s important to require employees to use strong passwords and to change them often
52% | Actually require employees to do so
Perception vs. Reality
The survey respondents were given the chance to say in two different ways if their companies had been the victim of a cyberattack: First, in an “unaided” way in which they were not given examples of specific types of cyberattacks and second when they were aided with examples.
13% | Percentage of business owners who said they had been a victim of a cyber-attack when asked without being given examples of such attacks.
58 % | Percentage of owner-victims when provided a list of the following types of attacks (the list below).
When given specific examples of what cyber-attacks encompass, here are the percentage of participants in the survey who had experienced each attack.
36% | Computer virus
29% | Phishing
13% | Trojan horse
12% | Hacking
7% | Data reach
7% | Ransomware
7% | Issues due to unpatched software
6% | Unauthorized access to customer info
istock
Also on SmallBusiness.com