Results are weighted to be representative of small-business owners in the U.S. Research participants were drawn from the Harris Poll Online research panel and partner sample.

Related: Friday's cyber attacks a 'wake-up call' for insurers and public alike

Here are 10 insights into how small-business owners perceive their cyber risk and their need for cyber insurance:

Cybersecurity is a low priority for many small-business owners because the threat is not palpable. (Photo: iStock)

1. Most small businesses still don't have a cyberattack response plan.

Larger companies and mid-size companies are more likely than smaller companies to have a cyberattack plan in place.

Of the small-business owners surveyed, 78 percent don't have a cyberattack response plan, even though more than half (54 percent) were victims to a least one type of the following attacks:

• Computer virus: 37 percent.
• Phishing: 20 percent.
• Trojan horses: 15 percent.
• Hacking: 11 percent.
• Unauthorized access to customer information: 7 percent.
• Unauthorized access to company information: 7 percent.
• Data breach: 6 percent.
• Issues due to unpatched software: 6 percent.
• Ransomware: 4 percent.

Related: What's your data breach response plan?

A larger number of small-business owners don't know if they have insurance that covers potential cyber losses. (Photo: iStock)

2. Just over half of small-business owners understand cyber insurance policies.

About 1 in 10 (11 percent) of small-business owners don't know if their insurance covers losses due to cyberattacks.

Of small-business owners whose insurance covers losses due to cyberattacks, most utilize an insurance agent or insurance carrier’s risk management resources.

While most survey respondents understand insurance coverage overall (87 percent), many have gaps in their business insurance coverage (45 percent).

Related: 3 things to do when looking for cyber insurance

The survey found that 1 in 10 small-business owners are very concerned about a potential cyberattack. (Photo: iStock)

3. The majority are at least somewhat concerned about a potential cyberattack affecting their business.

The survey found that 1 in 10 small business owners are very concerned about a potential cyberattack, while over two in three small-business owners are at least somewhat concerned.

Here's a breakdown of the responses to the question, "How concerned are your with a potential cyberattack affecting your business?":

• Very concerned: 10 percent.
• Concerned: 17 percent.
• Somewhat concerned: 41 percent.
• Not at all concerned: 32 percent.

Larger (86 percent) and mid-size (88 percent) companies are more likely to be concerned about potential cyberattacks than are smaller companies (59 percent).

Millennial small-business owners are the most likely to be very concerned about a potential cyberattack affecting their business (26 percent vs. 8 percent Gen X, 7 percent Baby Boomers).

Related: Data breaches continue to increase, according to figures from Beazley

Of those attacked, 60 percent of small-businesses victims said it took more than one month to recover. (Photo: iStock)

4. Recovery time from a cyberattack takes longer than expected.

Of those who have not encountered a cyberattack, over half of small-business owners (57 percent) say their company could recover within a month.

However, 60 percent of those who did experience a cyberattack, say it took longer than a month to recover.

Related: How to develop a cyber strategy

(Photo: iStock)

5. Nearly all are at least somewhat confident in their ability to recover from a cyberattack.

The percent of respondents who are "confident" in their ability to recover from a cyberattack is down nine percentage points from 2014 (31 percent vs. 40 percent).

Only 5 percent of small-business owners are "Not at all confident" in their ability to recover from a cyberattack.

Gen Xers are least likely to feel "confident/very confident" about financially bouncing back from a breach (61 percent vs. 78 percent Millennials, 77 percent Baby Boomers).

Related: 6 steps to take to evaluate cyber risk

(Photo: iStock)

6. Most say cybersecurity insurance is too expensive.

Seven in 10 (71 percent) of small-business owners say cybersecurity insurance is too expensive.

Related: 6 things agents need to know about basic security for cyber coverage

(Photo: iStock)

7. Most acknowledge it's increasingly important to keep customers’ data secure to build trust.

A total of 88 percent of respondents "strongly agree" or "somewhat agree" that it's becoming increasingly important to keep customers' data secure to build trust.

About two-thirds (64 percent) of small-business owners say they use encryption services to protect customer data.

Almost half (46 percent) admit they don't fully understand cyberattacks, still 3 in 5 (62 percent) say they feel they have adequate cybersecurity training.

Related: What are the leading causes of data security breahces?

(Photo: iStock)

8. Over half have trained employees on what to do if a suspicious message is discovered and how to detect phishing scams.

About half (48 percent) have trained their employees on how to back up customer information every day to a cloud or hard drive.

Two in 5 have trained employees how to protect business information on mobile devices.

Only about 1 in 4 (24 percent) of small-business owners have trained employees to take all of the following security measures:

• What to do if a suspicious message is discovered.
• How to detech phishing scams via email or social media.
• To back up customer information every day to a cloud or hard drive.
• How to protect business informaiton on mobile devices.

Recovery from a cybersecurity breach may include damage control to a business' reputation. (Photo: iStock)

9. Small-business owners believe financial and reputational recovery may take longer than fixing a cybersecurity breach.

More than 6 in 10 (63 percent) say the data breach would be corrected in less than three months, while fewer small-business owners believe their reputation (56 percent) or finances (53 percent) would recover in the same amount of time.

Smaller companies expect a shorter time for their reputation to recover: 66 percent of smaller companies say their reputation would recover in less than three months, compared to 36 pecent each for mid-size and larger companies.

Related: More businesses are using insurance to manage their cyber risk

A cybersecurity plan should include an analysis of the benefits of cyber insurance to cover losses in case of a breach or fraud. (Photo: iStock)

10. To help small-business owners and their insurance agents create a cybersecurity plan, here are some helpful tips:

• Guard your physical perimerter to prevent hackes from accessing sensivite data and your company's computer network.
• Educate your employees because they are your company's first line of defense against cyber criminals.
• Activate your firewall to block connections that are used to hack into your system and deliver viruses.
• Install and regularly update spyware, anti-virus and malware software to help prevent and detect any of those from affecting your computers.
• Use stronger passwords of 8-10 characters that include letters, numbers and special characters. Change passwords regularly.
• Secure your WiFi networks to prevent hackers from accessing your servers or using your internet connection without your knowledge.
• Set social network profiles to private and check security settings. Also, be mindful of what information is posted online.
• Encrypt your most sensitive data, make a backup and store it in a fireproof safe or offsite. Use a dedicated computer for all sensitive information.
• Carefully select online computing services. Any information you share with vendors can be compromised by their system.
• Acquire cyber insurance to cover losses in case of a breach or fraud.

Related:

More companies are buying cyber coverage, Marsh says

Insurance for small businesses a growth opportunity, report says

Is your business prepared for weather and cyber risks?