Header 5 - Small Businesses Continue to Be Big Targets

Small Businesses Continue to Be Big Targets for Cyberattacks

By Sara Bankert, Director of Small Business/BOP

The numbers don’t lie. Cyberattacks on small-to-medium-sized businesses (SMBs) are growing in severity and frequency.

In 2021, according to the financial information website Fundera, SMBs experienced a whopping 424% increase in cyber breaches during 2020, costing businesses more than $2.2 million in losses and causing 60% of companies to permanently close their doors within six months after experiencing an attack. Shockingly, although many SMBs realize that they have a lot to lose if hit by a cyberattack, approximately 88% of owners surveyed acknowledge that their company remains vulnerable to a cyberattack.

“A common misconception for small businesses is [the] idea of security through obscurity, that your business is too small to be a target. Unfortunately, this is not the case.”
– Source: Expert Insights

According to the Small Business Association, SMBs are attractive targets because they have information that cybercriminals want and typically lack the security infrastructure of larger businesses. The SBA goes on to note that learning about growing cybersecurity threats and trends can help businesses better understand where they may be vulnerable to an incident, allowing them to proactively improve their cybersecurity efforts to better mitigate risks.

The top five security threats facing SMBs this year are:

  1. Phishing: 90% of all data breaches can be attributed to phishing.
  2. Malware: 47% of all malware attacks in the U.S. are aimed at small companies, and today malware remains the second-biggest threat to SMBs.
  3. Ransomware: 80% of SMBs don’t employ data protection or email security, and that makes them easy targets for cybercriminals.
  4. Compromised passwords: 81% of data breaches are due to poor password security.
  5. Insider threats: 60% of U.S. businesses experience more than 30 insider threats each year.

“The future of small businesses depends on whether they choose to know the trends in cybersecurity or remain ignorant of them.”
– Source: Everyday Cyber

Cybersecurity Trends for 2022

The following are cybersecurity trends that will continue to impact SMBs in 2022, according to the website Everyday Cyber.

Remote work risks will increase. More employees working from home have left SMBs with inadequate security protocols and particularly vulnerable to a cyberattack.

The Internet of Things will increase exposure opportunities. The increased use of electronic devices, such as smartphones, tablets and inventory trackers by employees, has created more points of entry for cybercriminals.

Cloud service threats will grow. As more SMBs utilize the cloud, it will be increasingly vital for them to establish secure encryption and authentication security measures, along with proper configuration and audit logging when using cloud services.

Multifactor authentication will be a must. Multiple layers of security on all systems and devices will increase, helping prove the user’s identity and deter hackers.

Data privacy will become a discipline. Data privacy discipline will no longer assume a passive role, with more SMBs creating a data privacy management system that includes the use of security tools to prevent data loss and repel cyber breaches.

Artificial intelligence will aid in cybersecurity efforts. AI is being widely used to help SMBs better track and establish threat patterns and malicious cyber behavior.


Technology has opened up incredible opportunities for your small business clients to streamline services that better serve their customers. However, technology has also created liabilities that businesses may never have thought possible. Today, it is critical for small businesses to establish a defense plan for mitigating potential liability costs and other expenses associated with a cyberattack. The best place to start is with a comprehensive cyber insurance policy.

Sara Bankert is Director of Small Business/BOP of Builders & Tradesmen's Insurance Services, Inc., an Amynta Group Company.

The recent increase in cyberattacks and data breaches has expanded market growth for cyber insurance. BTIS, a managing general agency focused on serving small businesses with end-to-end insurance solutions, has recently launched an all-new cyber insurance marketplace. Now, retail brokers can offer their clients comprehensive cyber liability insurance coverage for a growing number of business types, along with the convenience of simplified quoting and binding.

For additional information, visit www.btisinc.com or call (877) 649-6682

Scroll to Top