Small Businesses Facing Increased Hacking Risks 2024 Report

Introduction

In the wake of the February cyberattack on UnitedHealth Group, which caused substantial disruptions in the U.S. healthcare system, small to medium-sized enterprises (SMEs) are recognizing the growing threat of cyberattacks. Despite heightened vigilance and significant investments in cybersecurity, small businesses continue to be attractive targets for cybercriminals.

The Growing Threat to Small Businesses

The recent “60 Minutes” segment on the cyberattack against MGM Resorts starkly illustrated the potential consequences of cyber threats, with the Las Vegas casinos suffering a $100 million revenue loss. However, it is not just large corporations that are at risk. According to a CSO article, small businesses are increasingly targeted due to their perceived vulnerabilities.

Alarming Statistics

A Devolutions survey revealed that 69% of small and medium-sized businesses experienced cyberattacks in the past year, marking a 9% increase from 2022. Despite a high level of confidence in their cybersecurity measures, only slightly more than half of these businesses allocate the recommended 6 to 15 percent of their annual IT budget to cybersecurity.

Consequences of Underinvestment

The financial impact of cyberattacks on small businesses is severe, with costs ranging from $120,000 to $1.24 million per incident. Devolutions also reports that 60% of affected businesses shut down within six months of an attack. Additionally, many small businesses lack adequate insurance coverage for cyber incidents, further exacerbating their vulnerability.

Recommendations for Enhancing Cybersecurity

To combat the rising tide of cyber threats, small business owners should prioritize cybersecurity as a key organizational commitment. This includes:

  • Conducting a Thorough Risk Analysis: Understand the potential risks associated with business activities, client data, and internal operations.
  • Maintaining Good Cyber Hygiene: Implement up-to-date security practices, regular employee training, and strong password management protocols.
  • Implementing Two-Factor Authentication: This should be a standard security measure for accessing business networks and systems.
  • Regularly Backing Up IT Networks: Ensure that backups are regularly tested and accessible to maintain business continuity in the event of a cyberattack.
  • Speak With Us: At PivIT Strategy we make sure your protected and can focus on the important things, like running your business.

Conclusion

As cyber threats continue to evolve, small businesses must enhance their cybersecurity strategies to protect themselves from potential financial and operational catastrophes. By recognizing the risks and implementing effective cybersecurity measures, small businesses can significantly reduce their vulnerability to cyberattacks.

Jeff Wolverton

Jeff, the CEO of PivIT Strategy, brings over 30 years of IT and cybersecurity experience to the company. He began his career as a programmer and worked his way up to the role of CIO at a Fortune 500 company before founding PivIT Strategy.