www.securitymagazine.com/articles/101513-cybersecurity-is-the-second-highest-business-concern-for-smbs
Half open laptop with colorful screen

Tianyi Ma via Unsplash

Cybersecurity is the second highest business concern for SMBs

Security Staff
April 2, 2025

Research by VikingCloud revealed that a successful cyberattack would force nearly one in five small- and medium-sized businesses (SMBs) to close their doors. For nearly a third of SMBs, a cyberattack with minimal financial impact – less than $10,000 – would cause them to shut down.

As a result, cybersecurity (48%) has emerged as the second highest business concern for SMBs, with inflation/rising costs (67%) at the top, and recession/reduced consumer spending (46%) also a significant issue.

Sixty percent of SMBs recognize they’re the most likely target for cybercriminals. Yet, there are concerning gaps in their cyber defenses, such as self-managing cybersecurity or relying on untrained family members or friends (74%), having outdated cyber technology (33%), or no access to technology at all (20%).

Eighty percent recognize they have cyber vulnerabilities, and yet they use easily hackable passwords with a pet’s name, a series of numbers, or a family member’s name (23%), never back up their data (16%), and don’t require multi-factor authentication (14%).

SMB tech stacks include the basics like antivirus software (50%), network scanning (47%), and firewalls (44%). But few are equipped for modern threats and haven’t deployed endpoint security (29%), dark web monitoring (22%) and penetration testing (18%). In addition, 32% lack the budget to hire more cyber staff, and only 15% hired an internal IT person or outsourced to a Managed Security Service Provider (MSSP).

Wi-Fi or network disruptions (52%), phishing texts and emails (48%), and fake social media accounts or website domains (32%) were the most common cyber disruptions faced in the past 12 months. SMBs are also a growing target for malware (24%), denial of service (19%), deepfake attacks (19%) and ransomware (14%). 

SMBs are also twice as likely to be unaware they’ve been breached by more sophisticated attacks, like a deepfake, compared with more common threats like network downtime. The risk of business downtime (55%), loss of customers (36%), and lower sales (22%) from cyberattacks are keeping SMB owners up at night.