Ride the Lightning

58% of Small Businesses Have Had a Breach

November 2, 2021

In October, the Identity Theft Resource Center released its 2021 Business Aftermath Findings (Insights on Small Business Identity and Cybercrimes).

Among the most notable findings:

• 58% of small businesses have had at least one security breach or one data breach – or both.
• 44% paid between $250,000-$500,000 to cover their breach costs
• 16% paid between $500,000-$1,000,000 to cover their breach costs
• 42% said it took them 1-2 years to return business to normal
• 28% said it took them 3-5 years to return business to normal
• 7% have not yet fully recovered

What were the root causes of the breaches? Respondents could check multiple answers – here are the top answers:

• 40% external hacker
• 35% malicious insider (employee or contractor)
• 25% remote worker
• 22% failure to secure a cloud environment
• 19% third party vendor
• 17% failure to patch known software flaw

Multiple breaches are common for small businesses.

• 25% have had one breach
• 41% have had two breaches
• 25% have had three breaches
• 8% have had four or more

58% of small businesses having had a data breach is a BIG number. And it is likely to get bigger still.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson