A Data Breach Can Cost a Small Business $2.5 Million

SMBs are attractive targets to cybercriminals because they typically have smaller cybersecurity budgets and may lack an internal security team dedicated to timely discovering and responding to cyberattacks. Critically, these organizations may also lack resources to train their employees to identify preventable breaches like phishing campaigns.

The Cisco Report

Late last year, Cisco published a special cybersecurity report (Cisco’s SMB Cybersecurity Report)(Report) focused how cyberattacks affect SMBs. The Report includes 1,816 survey respondents from 26 countries.

When surveyed, respondents listed these as the most concerning threats.

  • Targeted employee attacks (BEC and phishing)
  • Advanced persistent threats (new malware)
  • Ransomware

The Report also found that 29% of SMBs will pay under $100,000 after a data breach but 20% indicated the same incident will cost them between $1,000,000 and $2,499,999.

One reason cyberattacks are so impactful to SMBs is their core systems are more likely to be interconnected and interdependent whereas larger companies might have redundant systems spread across multiple locations.


At bottom, the Report simply recommends to develop a strategy to improve cybersecurity. Then implement it!

“Incremental change is better than no change,” Cisco says. “In short, [companies] should not let a desire to be “perfect” in their security approach get in the way of becoming “better.” Perfect, as in all things, does not exist.” Cisco recommends that whatever your plan is, it should include employees receiving appropriate cybersecurity training!

For questions about how to strengthen your cybersecurity program, please email our privacy and security professionals at cyberteam@eplaceinc.com. Consultation is prepaid by your insurance carrier and is at no cost to you!

Print Friendly, PDF & Email