top of page

Cyber-Security Statistics Every Small Business Should Know

Updated: Feb 2, 2019

Man analyzing giant analytics dashboard

In order to have an idea of the scale of the online phenomenon of online security threats and

their consequences on all businesses, from small to large, we have compiled some of the most interesting and worrisome statistics from the last couple of years.

While the seriousness of these attacks may have varied, it has always led to losses of some

sort. Most of the surveyed businesses had to spend important amounts of money to counter the attack. In 38% of the cases, 50.000$ or more were lost by the company. The attacks led to

loss of data and business interruption in more than half the cases.

About half of all cyber attacks are directed at small businesses

While some sources claim that 43% of attacks are directed at small businesses, Verizon has

found this percentage to be 58%, in their 2018 study. We’ve mentioned this issue before.

The reason why so many small enterprises are targeted is that they are less likely to have

invested time and money into data loss prevention and cyber security, making them easy


Ransomware attacks have decreased in 2018 - only to be replaced by cryptomining

Ransomware had made the headlines in worldwide media after the wannacry crisis in 2017,

when an estimated 200k-400k computers were affected by this type of security breach. Good

news is that since then, this type of attack has been decreasing. In 2018, it was 30% less

common. Bad news is that other threats are on the rise. Cryptominers are now the most

common type of attack worldwide. This type of attack takes control of your computer and

uses its resources to mine cryptocurrency, slowing down your activity significantly in the


Healthcare organizations are among the most vulnerable against cyber-attacks

These organizations are often targeted because of the detailed personal data they store about their patients. Names, addresses, social security numbers, health insurance information and medical history. Access to this type of data means that hackers could impersonate a patient, use his/her credentials to obtain expensive medication or medical services. Also, for healthcare organizations, data loss and/or blocked servers can result in potential loss of lives, which is why hospitals and other similar practices are more willing to pay the hackers in order to restore functionality. Then it’s no wonder that some reports have found over 75% of healthcare organizations to have been infected with malware and that 96% of all ransomware attacks have been directed at them.

41% of companies have over 1000 files with sensitive data, open to everyone

According to a Varonis report, these companies have unsecured files containing the

following data: credit card information, health records and other personal information. All

employees have unrestricted access to these. Furthermore, the same report shows that

many companies keep “stale data” and “stale users” on their servers. Stale data is not used

in daily operations, while stale users are inactive users, belonging many times to employees

who have left the company.



bottom of page