We’ve collected these cyber security statistics for small businesses from a variety of sources.
Last updated: December 24, 2016
General Small Business Cyber Security Statistics
- 43 percent  of cyber attacks target small business.
- Only 14 percent  of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective.
- 60 percent  of small companies go out of business within six months of a cyber attack.
- 48 percent  of data security breaches are caused by acts of malicious intent. Human error or system failure account for the rest.
- Small businesses are most concerned about  the security of customer data:
Small Business Cyber Security Attack Statistics
The numbers show  that small businesses are not only at risk of attack, but have already been attacked:
- 55 percent of respondents say their companies have experienced a cyber attack in the past 12 months(May 2015 -May 2016), and
- 50 percent report they had data breaches involving customer and employee information in the past 12 months (May 2015 -May 2016).
- In the aftermath of these incidents, these companies spent an average of $879,582 because of damage or theft of IT assets.
- In addition, disruption to normal operations cost an average of $955,429.
- The types of cyber attacks broke out as following:
- The root causes of data breaches broke out as following:
Small Business Cyber Security Prevention Statistics
- While many small businesses are concerned about cyber attacks  (58 percent), more than half (51 percent) are not allocating any budget at all to risk mitigation.
- Dangerous disconnect:  one of the more popular responses as to small businesses they don’t allocate budget to risk mitigation was that they, “feel they don’t store any valuable data.” Yet a good number reported that they in fact DO store pieces of customer information that are of significant value to cyber criminals:
- 68 percent store email addresses;
- 64 percent store phone numbers; and
- 54 percent store billing addresses.
- Small businesses reported  that only:
- 38 percent regularly upgrade software solutions;
- 31 percent monitor business credit reports; and
- 22 percent encrypt databases.
- If a company has a password policy, 65 percent  of respondents say they do not strictly enforce it.
- 16 percent  of respondents admitted that they had only reviewed their cybersecurity posture after they were hit by an attack.
- 75 percent  of small businesses have no cyber risk insurance .
As cyber criminals continue to target small businesses, owners and employees need to know how to protect both their customers and themselves. Here are some useful links for doing just that:
- Over 75 Cybersecurity Tips in This Free eBook! 
- Need Cyber Protection? Avast for Business Offers it Free 
- How to Protect Your Small Business as Cybersecurity Threats Rise 
- 12 Ways to Protect Your Smartphone from Cyber Attacks 
- Here’s What the Dropbox Breach Should Teach Small Business About Cybersecurity 
- Can Wearable Technology Threaten the Cyber Security of Your Business? 
Cyber SEcurity  Photo via Shutterstock