Most U.S. small business owners don’t have cyberattack response plan, new survey says

Most small business owners in the United States (78%) still don’t have a cyberattack response plan, even though more than half (54%) were victim to at least one type of cyberattack, according to Nationwide’s second annual Small Business Indicator.

The majority of small business owners are at least somewhat concerned about a potential cyberattack affecting their business. Credit: Nationwide.

The survey, released on Thursday, found that 60% of respondents who did experience a cyberattack said it took longer than a month to recover. By contrast, of those who have not encountered a cyberattack, more than half (57%) think their company could recover within a month.

The survey was conducted online by Harris Poll on behalf of Nationwide and included 502 U.S. small business owners with fewer than 300 employees – 190 Millennials (ages 18-35), 152 Gen Xers (ages 36-50) and 106 Baby Boomers (ages 51-65).

According to the survey, 45% of small business owners who do not have a cyberattack response plan in place said they don’t feel their company will be affected by a cyberattack (compared to 40% last year). At the same time, the majority (68%) are at least somewhat concerned about a potential cyberattack affecting their business – especially since more than half were victim to at least one type of the following attacks:

• Computer virus (37%);
• Phishing (20%);
• Trojan horse (15%);
• Hacking (11%);
• Unauthorized access to customer information (7%) or company information (7%);
• Issues due to unpatched software (6%);
• Data breach (6%); and
• Ransomware (4%).

Related: Nearly eight in 10 small business owners in the U.S. don’t have cyberattack response plan, but 63% have had at least one incident: study

“Cyber criminals are getting more sophisticated and realizing that small businesses are easy targets,” said Mark Berven, president of Nationwide Property & Casualty, in a press release. “That’s why we wanted to raise awareness of this trend for both agents and their small business clients during National Cyber Security Awareness Month.”

Based in Colombus, Ohio, Nationwide is one of the largest diversified insurance and financial services organizations in the U.S. The company provides a full range of insurance and financial services, including auto, commercial, homeowners, farm and life insurance; public and private sector retirement plans, annuities and mutual funds; banking and mortgages; excess & surplus, specialty and surety; and pet, motorcycle and boat insurance.