Measured Insurance Partners with Canopius and Long-time Backer SCOR to Expand Critical Cyber Insurance Solutions

More than 40% of SMBs have been impacted by cybersecurity breaches

Measured Staff
April 21, 2022
|Share this article:

Organizations of all sizes are vulnerable to cybersecurity breaches. However, small and medium businesses (SMBs), for many reasons, can be an easy target for bad actors.

SMBs are a tempting target

There are a few reasons why small and mid-sized organizations are both tempting and vulnerable targets for cyber criminals. First of all, many of these businesses utilize vendors that provide managed services on their behalf. A bad actor can hit one of these managed service providers and impact many small organizations at once. 

SMBs also tend to rely on free and built-in security tools included with existing products rather than investing in dedicated security technologies. With limited resources, it is common for there to be a lack of focus on cybersecurity. 

Small Business Insights report

Recently, a poll conducted by Intuit Quickbooks collected feedback from 2,031 small and medium business owners in the United States. These organizations employ up to 100 people and have more than $5,000 in revenue annually. They were a combination of brick-and-mortar, omni-channel, multi-channel, and mainly online businesses.

When surveyed about current business concerns, half of the businesses stated rising costs while the other half cited the economy. One-third of respondents mentioned supply chain problems as an ongoing concern as well as cash flow. 23% of survey respondents also cited cybersecurity threats. Additional issues for small to mid-sized businesses included lack of funding, skills shortages, employee retention, low consumer demand, and lower-priced competitors. 

With a focus on cyber attacks, more than 40%, 42% to be exact, of surveyed businesses acknowledged that they had suffered a cybersecurity breach. Specifically, malware was the most common type of attack followed by phishing, data breaches, DDoS (distributed denial-of-service) attacks, and ransomware. 

How to protect SMBs

SMBs that want to enhance their cybersecurity measures should consider implementing tactics including but not limited to:

  • Utilizing multi-factor authentication
  • Investing in end-point detection and attack response tools
  • Exploring identity and access management tools
  • Considering the strategy of prevention instead of reaction and recovery
  • Reviewing permissions to sensitive information
  • Implementing hardware security keys