Repairer Driven News
« Back « PREV Article  |  NEXT Article »

Nationwide survey indicates small, mid-market businesses fear of cyber attacks is rightfully growing

By on
Announcements | Insurance
Share This:

Sixty-nine percent of U.S. small business owners (SBOs) surveyed by Nationwide said they’re highly concerned about cyberattacks — an increase of 16 points since 2022 and 31 points since 2020.

The No. 1 reason respondents (53%) said for their concern is that cyberattacks have become increasingly common over the last few years.
Seventy-seven percent of mid-market business owners said they’re concerned about cyber attacks, mostly because of the increase in cyberattacks over the last few years.

For purposes of the survey, small businesses are defined as 1-50 employees and less than $10 million in annual revenue. Mid-market businesses are defined as 50-500 employees or $10 million to $500 million in annual revenue.

Other reasons SBOs were more concerned is that there are more devices in use that are vulnerable to attacks, not enough IT measures in place to prevent attacks, and not having cyber risk insurance.

While common cyber threats like ransomware, phishing, and malware remain top concerns, Nationwide’s survey found roughly one-quarter of small business owners (SBOs) have been targeted by a scam that used generative artificial intelligence (AI) within the last year.

Of those targeted, most described the attacks as attempted fraud using email, voice, or video impersonations of other business owners or senior-level employees they associate with.

Fifty-two percent of SBOs said they’ve been fooled by a deepfake image or video in the past year. Nine out of 10 said gen AI scams are becoming more sophisticated and that they need help protecting their enterprises from such attacks.

Though most SBOs agree that the rise in gen AI technology makes them more likely to purchase cyber insurance, less than half report having the necessary coverage, Nationwide said in a news release.

“As gen AI continues to transform various industries, its misuse in scams presents a significant challenge for small businesses with less resources for cyber defense than larger corporations, making them easier targets for cybercriminals,” said Nathan Lentz, Nationwide vice president of Small Commercial Sales and Distribution, in a news release.

“While small business owners feel prepared to prevent a cyberattack, they must ensure their preparedness is backed by comprehensive cyber insurance to truly safeguard their operations. Without it, they face potentially devastating consequences to their finances, operations, and customer relationships.”

Eighty-nine percent of SBOs and 74% of mid-market business owners said they trust their cyber insurance would take care of their recovery needs if there was an attack. However, 66% of SBOs and 43% of mid-market business owners said they haven’t given much thought to what would happen if they were the victim of a cyber attack.

Sixty-five percent of SBOs said they feel prepared to prevent cyber attacks, up 17 points from 2022.

It’s likely this confidence is due to the actions they’re taking to train workers to defend against cyberthreats, Nationwide said.

Seventy-one percent said they provide formal cybersecurity training for employees at least once a year, a 15-point jump from 2022), and 36% send phishing test emails to employees at least every few months to keep them on their toes, according to the survey results.

However, many also may have learned their cyber lessons the hard way, Nationwide said. Nearly a quarter (23%) of SBOs report their business has been a victim of a cyberattack and the majority say it jeopardized their company finances and had a moderate or major impact on their customers’ trust.

Mid-market businesses said a cyberattack has impacted or jeopardized their finances and nearly half said it had a moderate impact on customer trust.

When asked about the possible impacts of a cyberattack on their business, SBOs overwhelmingly underestimated the scope of damage a cyber breach can bring, according to the survey:

    • 81% believe an attack on their business would cost less than $5,000 in damages and recovery costs.
    • Another 1 in 5 (22%) believe they’d be back up and running in a month or less.

“In reality, these events can be far more detrimental to a business than SBOs realize: according to Nationwide’s claims data, the average cyber claim for a small business costs $18,000-$21,000 while the time for recovery can be as long as 75 days,” Nationwide said.

Two-thirds of SBOs (66%) are confident in their business’s ability to recover from an attack, a 9-point increase from 2022; however, only 42% said they have purchased cyber insurance coverage.

Sixty-six percent also said they either expect their non-cyber coverages to kick in to cover losses from a cyberattack or that they haven’t taken the time to think about what they would do after an attack.

Seven in 10 (69%) report having an incident response plan in place for a potential cyberattack but the plans are only good when they’re kept up-to-date; 3 in 10 (28%) said theirs is outdated.

“As clients rely more on technology and data, it’s crucial for agents to offer counsel on proactive steps they can take to protect their business from cyber criminals and bad actors,” Nationwide said. “Still, even the best efforts cannot prevent all attacks, which is why having an up-to-date incident response plan and cyber insurance is important to fall back on.”

Lentz added, “The time for business owners to figure out how to navigate a data breach is not during the incident — that could be an expensive and potentially business-threatening lesson for owners to learn.”

“Our research shows that three-quarters of agents (73%) say their commercial clients consider or purchase cyber insurance because they were either a victim to an attack or witnessed a similar business become a victim.

“As cyber threats continue to evolve, agents should encourage business owners to take proactive steps to protect their companies. Investing in the right insurance policies can not only mitigate the risks posed by cyberattacks but also ensure that recovery, when necessary, is faster, less costly, and more efficient.”

By encouraging a proactive approach that includes robust security practices, comprehensive cybersecurity coverage, and continuous education, agents can help business owners better protect themselves against the rising tide of cyber fraud, Nationwide said.

The top steps taken by SBO survey respondents were:

    • Using only a secured WiFi connection (41%)
    • Updating cybersecurity software (41%)
    • Backing up data following stricter protocols (36%)
    • Requiring multi-factor authentication (34%)
    • Blocking unsecured websites and social media (33%)

Mid-market business owners’ No. 1 tactic was adding encryption features (55%) followed by updating cybersecurity software (46%), requiring multi-factor authentication (45%) and adding regular password update requirements (45%), providing additional training to employees (44%), developing an incident response plan (44%), backing up data following stricter protocols (43%), and appointing a security expert (43%).

Images

Featured image credit: Pugun SJ/iStock

Infographic provided by Nationwide

Share This: