Nationwide: Small businesses misjudge cyberattack recovery costs
The carrier's research indicates the average cyber claim for small businesses costs between $18,000 and $21,000.
Recovery costs after a cyberattack far exceed what most small business owners believe, according to a recent Nationwide survey.
Sixty-five percent believe costs would be $5,000 or less, the data showed, and 20% think they’d recover in under a month. Meanwhile, six in ten small businesses believe their non-cyber insurance provides coverage for breaches, ransomware incidents and other digital loss events. Only 42% of small business owners report having cyber insurance coverage.
All of this while Nationwide claims data indicates the average cyber claim for small businesses costs between $18,000 and $21,000, while recovery time can take up to 75 days.
Other key insights from the survey include:
- Twenty-six percent of small business owners report being targeted by AI-driven scams in the past year, most commonly describing the attacks as attempted fraud using email, voice or video impersonations of senior-level employees.
- Fifty-two percent of owners admit being personally duped by deepfake images or videos in the past year.
- Nine out of ten survey respondents want more support to protect against increasingly sophisticated attacks.
“In some ways, small businesses may be more vulnerable than bigger companies with larger budgets and more staff to address security, but we are typically less likely to fall prey to an attack,” Don Snizaski, president of Life and Safety Consultants, told PropertyCasualty360.com.
“Smaller companies are also agile and able to respond to potential threats almost immediately by communicating directly with their employees and taking any necessary corrective action,” Snizaski added. “Another reason we are less likely to be attacked is that we are small and the ‘juice isn’t worth the squeeze’ so to speak.”
According to Nationwide, 65% of small business owners feel prepared for preventing a cyberattack, while roughly 69% remain worried about a potential attack on their business.
Nationwide said 71% of small business owners now provide formal cybersecurity training to employees at least once a year, with 36% saying they send phishing test emails to employees at least once every few months to keep them on their toes.
See also: