Most small-business owners (78 percent) still don’t have a cyberattack response plan, even though more than half (54 percent) were victim to at least one type of cyberattack.
About 60 percent of those who did experience a cyberattack said it took longer than a month to recover. By contrast, of those who have not encountered a cyberattack, more than half (57 percent) think their company could recover within a month.
Those findings stem from Nationwide’s second annual Small Business Indicator, a national survey conducted online by Harris Poll on behalf of Nationwide from June 10-23 among 502 U.S. small-business owners with fewer than 300 employees.
The survey found that 54 percent were victim to at least one type of the following attacks:
1. Computer virus (37 percent)
2. Phishing (20 percent)
3. Trojan horse (15 percent)
4. Hacking (11 percent)
5. Unauthorized access to customer information (7 percent)
6. Unauthorized access to company information (7 percent)
7. Issues due to unpatched software (6 percent)
8. Data breach (6 percent)
9. Ransomware (4 percent)
“Cyber criminals are getting more sophisticated and realizing that small businesses are easy targets,” said Mark Berven, president of Nationwide Property & Casualty.
Berven said his company wanted to raise awareness of this trend during October, which the U.S. Homeland Security agency has designated as National Cyber Security Awareness Month.
According to the survey, 45 percent of small-business owners who do not have a cyberattack response plan in place said they don’t feel their company will be affected by a cyberattack (compared to 40 percent last year).
At the same time, the majority (68 percent) are at least somewhat concerned about a potential cyberattack affecting their business.