Cybersecurity remains a major concern for small businesses worldwide, with 73% of organizations identifying it as a significant risk or vulnerability and nearly one quarter (24%) of SMB owners saying they worry about cyber threats daily, reported McAfee.
The concerns are well-founded as almost half (44%) of small businesses have fallen victim to at least one cyberattack, and 17% have experienced multiple attacks, according to the Global Small Business Study, a survey of 700 business owners and IT professionals conducted by McAfee together with Dell Technologies.
For about two-thirds of companies that faced a cyberattack, the incident occurred within the last two years, suggesting a rising threat of cybercrime. Nearly 85% of respondents have some form of security protection in place, and 60% have a plan for responding to an incident. These factors aren’t necessarily giving them confidence, though.
“Many small business owners understand that cyber threats are something they need to plan for and invest in mitigating. Despite their awareness, only about half (48%) of business owners/IT decision makers were fully confident in the ability of their business to prevent cyberattacks,” noted McAfee.
Businesses may also see heightened risk as cybercriminals increasingly leverage artificial intelligence (AI).
“Unfortunately, small business owners are at a significant disadvantage when faced with malicious messages that are increasingly realistic and frequent thanks to artificial intelligence. AI is a scammer’s favorite tool, helping cybercriminals increase the scale, speed and sophistication of phishing and text message scams,” the authors of the report said.
To mitigate risks, nearly half (45%) of small businesses spend seven hours a week focusing on general IT issues. For majority (76%) of these firms, cybersecurity is managed without external help, noted the report.
Small businesses face severe consequences from cyber incidents, with 61% of those affected reporting losses exceeding $10,000. The toll extends beyond financial impact, as 60% of business owners and IT decision makers experienced physical or mental strain, affecting both themselves and their staff. In more than half of cases, businesses lost more than a week dealing with IT issues resulting from the attacks.
“Preventing an attack is far simpler and less costly to your business than dealing with the aftermath,” McAfee said in a cybersecurity resource guide outlining the survey results.
For its survey, McAfee polled businesses in the U.S., U.K., Germany, France, Japan, and Australia. The firm highlighted a few regional specifics – for example, U.S. SMBs have adopted AI for cybersecurity at a higher rate, but also express the most concern about the negative cyber impacts of AI. In another stat, Australian SMBs report the highest level of confidence in their employees’ ability to spot scams (82%), but 44% also say they struggle with implementing cybersecurity measures.
The survey also revealed U.K. SMBs worry less about cyberattacks (17% say they “never worry”) and just 12% of these respondents said they lost money to a cyber hack, compared to 31% of U.S. SMBs.