Cybercriminals have moved on from large enterprises and are now targeting SMBs.
While large organisations may offer a bigger payload, cybercriminals are increasingly targeting small and medium-sized businesses (SMBs) as they generally have smaller cybersecurity budgets and often lack a dedicated in-house security team to deal with cyberattacks.
In its new Small and Mighty SMB Cybersecurity report, Cisco revealed that 53 per cent of SMBs have experienced a data breach. To compile its report, the company surveyed 1,816 respondents across 26 countries and also drew upon the results of its 2018 Security Capabilities Benchmark Study.
According to Cisco, 29 per cent of SMBs will pay less than $100,000 after a data breach though 20 per cent said the same incident would cost them between $1m and $2.5m to resolve.
The report also shed light on the fact that 40 per cent of SMBs will experience an average of eight hours or more of system downtime following a breach which is on par with their larger counterparts.
Cisco explained how SMBs’ response differs from that of large enterprises in its report, noting:
“The difference, though, is that larger organizations tend to be more resilient than small/midmarket businesses following an attack because they have more resources for response and recovery.”
Of those surveyed, 39 per cent said at least half of their systems had been impacted as a result of a severe data breach in the last year.
Regarding the biggest security challenges faced by SMBs, respondents reported targeted attacks, advanced persistent threats (APTs), ransomware and DDoS attacks as the most concerning.