Financial Consequences of a Cyberattack for Small Businesses

Back to Blog
close up programmer man hand (employee) typing computer language (binary code) to input on security system to protect and prevent malware (virus) for cyber security concept

Financial Consequences of a Cyberattack for Small Businesses

Cyberattacks have skyrocketed by more than 400 percent since the early part of 2020. And small and medium-sized businesses (SMBs) were a big part of this number. Some sources report up to 71% of cyberattacks hit SMBs. Yet, 43% of SMBs lack cybersecurity defense plans, and one in five SMBs fail to use endpoint security.  


Why this lack of concern? A recent study revealed that 60% of SMB leaders believe cybercriminals aren’t likely to target their organization. SMB execs also cite tight budget as a reason they fail to institute data breach protections. 


Cyberattack Price Tags 

Many SMBs don’t realize that the cost of just one data breach can surpass the cost of strong security and the damage could be irreparable. The current average global price tag of data breaches is $3.86 million. In the United States, it’s $8.6 million. The US gets first place, the Middle East ranks second, with Canada coming in third. 


Healthcare holds the lead for industries at $7.6 million. Energy ranked as the second most costly sector and the financial and pharmaceutical industries hit third and fourth, respectively. 


SMBs can also suffer significantly due to down-time. One survey reported that a breach inflicted at least 24 hours of downtime. Downtime also means loss of revenue and the cost can bleed far beyond the actual downtime and into reputation. 


Breach Abandonment 

Consumers will often abandon a business after it has suffered a cyberattack. They lose trust even if their personal information isn’t compromised. Customers also spread the word about a breach and encourage friends and family to shop with a competitor. SMBs should know that 52% of consumers admitted that data security is the primary consideration when purchasing products and services – and they’re willing to pay a company with better security for those products or services. 


Threats on the Inside 

Cybercriminals aren’t the only threat to SMBs, though–85% of data breaches result from human error or malicious behavior. In Verizon report, incorrect delivery and misconfiguration were in top spots for human error, and 70% of SMB employee passwords were lost or stolen. A single insider breach can put an SMB on the hook for around $7.68 million 


SMB leaders must understand that hackers target the easiest prey, not the biggest businesses. And a careless employee poses the same, if not greater, risk to an organization’s data security. Forgoing stringent cybersecurity will cost a company more in the long run – for an SMB, it could cost them their entire business. 


MSPs are responsible for helping secure their clients’ networks and protect their data—and vulnerability scanning can be one of their most powerful tools. This proactive approach detects risks before they become incidents. Not only will regular vulnerability scans generate recurring income, but the problems they uncover can expand your revenue and your worth to your client when you perform the fix. 


To find more about how you can use vulnerability scanning to secure your clients, visit us and request a demo. 



  1. States Where Businesses are Least Likely to Go Bankrupt After a Cyberattack, Verizon, 2020 
  1. Cost of Data Breach Report, Ponemon, 2020 
  1. Data Breach Investigations Report, Verizon, 2020 
  1. 2020 Cost of Insider Threats Global Report, Ponemon, 2020 
  1. 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses, Keeper and Ponemon Institute, 2019