Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

58% of Small Businesses Have Had a Breach

November 2, 2021

In October, the Identity Theft Resource Center released its 2021 Business Aftermath Findings (Insights on Small Business Identity and Cybercrimes).

Among the most notable findings:

  • 58% of small businesses have had at least one security breach or one data breach – or both.
  • 44% paid between $250,000-$500,000 to cover their breach costs
  • 16% paid between $500,000-$1,000,000 to cover their breach costs
  • 42% said it took them 1-2 years to return business to normal
  • 28% said it took them 3-5 years to return business to normal
  • 7% have not yet fully recovered

What were the root causes of the breaches? Respondents could check multiple answers – here are the top answers:

  • 40% external hacker
  • 35% malicious insider (employee or contractor)
  • 25% remote worker
  • 22% failure to secure a cloud environment
  • 19% third party vendor
  • 17% failure to patch known software flaw

Multiple breaches are common for small businesses.

  • 25% have had one breach
  • 41% have had two breaches
  • 25% have had three breaches
  • 8% have had four or more

58% of small businesses having had a data breach is a BIG number. And it is likely to get bigger still.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology