Almost half of small and medium-sized businesses believe they are too small to be targeted by hackers according to research by Sectigo.

The SSL certificate authority surveyed 1,100 website security decision-makers at small and medium businesses (SMBs) globally for its ‘State of Website Security and Threat’ report.

Small businesses are usually defined as organisations with fewer than 100 employees, and medium-sized businesses are those with 100 to 999 employees.

Sectigo’s report revealed that 50% of SMBs surveyed have experienced a website breach at some point, with 20% reporting a breach in the last 12 months alone. Despite this, 48% believe they are too small to be hacked and 73% believe they are doing enough to avoid an attack.

With Covid-19 prompting businesses of all sizes to boost their digital offerings, as well as creating a need for the deployment of remote working technology, a wider range of businesses have found themselves on the receiving end of cyberattacks.

According to the UK’s National Cyber Security Centre, understanding what cybersecurity measures SMBs need during this time “can seem like quite a challenge”.

Furthermore, 58% of employees working for SMBs don’t believe that their employer is adequately prepared for an increase in phishing attacks, according to separate research by Avast.

Recent attacks, including the infamous Solar Winds hack, have demonstrated that a weak link in a supply chain can result in multiple organisations being affected by a single security incident.

40% of those surveyed as part of Sectigo’s research reported that their websites are being targeted by a range of attacks on a monthly or more frequent basis, with malware injection, data breaches, and brute force login attempts the most common attack vectors.

Of the SMBs that have experienced a breach over the past year, 28% said the cyberattack had “severe” or “very severe” consequences, with 60% experiencing a website outage and over a third suffering revenue loss.

However, the research suggests that those who have had to deal with the fallout of a breach have a more accurate perception of the likelihood that they will be targeted. 58% of SMBs who have recently experienced a breach feel their business is “vulnerable” or “very vulnerable,” compared to 30% of those who have not recently had a breach.

“As SMBs increasingly digitise their operations, their websites become mission-critical for communicating with customers and conducting business,” explained Michael Fowler, president of partners and channels at Sectigo.

“No business is too small a target. Attacks continue to evolve, and hackers are increasingly resourceful, making it critical for SMBs to invest in multi-layered solutions that stay ahead of ever-changing threats.”


Read More: Enterprises continue to struggle with social engineered cyber-attacks.