Over Half of SMBs Experience Phishing and Social Engineering Attacks

PonemonThe assertion that SMBs aren’t a cyber-target is officially dead. SMBs are victims of the very same attacks as enterprises in growing numbers, according to new research.

Most SMBs don’t have the same cybersecurity resources as larger organizations, so it’s critical for them to focus on protecting against the most prevalent types of attacks SMBs face.

According to the latest data from Ponemon in their 2019 Global State of Cybersecurity in Small and Medium Businesses report, SMBs are feeling the heat of cyberthreats:

  • 66% experienced a cyberattack in the last 12 months
  • 63% experienced a data breach in the last 12 months
  • 69% say cyberattacks are becoming more targeted
  • 60% say cyberattacks are becoming more sophisticated
  • 61% say cyberattacks experienced are becoming more severe in terms of negative consequences
  • 39% say more time is needed to respond to cyber incidents

So, what are the big attack vectors SMBs are experiencing? According to the research:

  • Social Engineering / Phishing plague 53% of SMBs
  • Web-based attacks (50%)
  • Malware (39%)
  • Compromised or Stolen Devices (37%)
  • Credential Theft (29%)

The big issue here is the use of social engineering; whether as part of a phishing or web-based attacks, the use of social engineering tactics help to draw the victim in, create a sense of urgency, and do enough to cause the victim user to act in the desired way. Users are not educated with Security Awareness Training to be vigilant, looking for indications that an email may be malicious in nature. And in SMBs especially, the lack of a security culture and proper security tools in place is cause enough to focus on aspects of security that will have a material impact on keeping the organization secure.

Request Your Security Awareness Training Quote

products-KB4SAT6-2Old-school awareness training does not hack it anymore. Your email filters have a ~10% failure rate; you need a strong human firewall as your last line of defense. KnowBe4 is your platform for new-school security awareness training. We help you keep your users on their toes with security top of mind. You simply have got to start training and phishing your users ASAP. If you don't, the bad guys will. Find out how affordable this is for your organization and be pleasantly surprised.

Get A Quote Now

Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe To Our Blog

Nuclear Ransomware Webinar

Get the latest about social engineering

Subscribe to CyberheistNews