The new report details this perception gap, along with methods and frequency of SMB website attacks, the impact of breaches, security technologies in use, and expected website security spending for 2021.
In its inaugural State of Website Security and Threat Report, Sectigo surveyed more than 1,100 website security decision makers at SMBs and found that a significant number of businesses do not feel they are vulnerable to online threats, with 48% of respondents indicating that their business is “too small to be the target” of an attack.
Half of SMBs surveyed have experienced a website breach at some point, with 20% reporting a breach in the last 12 months. Yet half perceive their business as too small to be the target of a cyberattack, and 73 per cent believe they are effectively mitigating risks.
More than 40 per cent report a range of attacks targeting their website on a monthly or more frequent basis, with malware injection, data breaches, and brute force login attempts leading the list of attack vectors.
The majority of SMBs surveyed don’t believe they are vulnerable to online threats unless they have recently experienced an attack. Fifty-eight percent of SMBs who have recently experienced a breach feel their business is “vulnerable” or “very vulnerable,” compared to 30 per cent of those who have not recently had a breach considering their business to be “vulnerable” or “very vulnerable.”
Of the SMB survey respondents who experienced a breach in the past year, only three per cent reported “no impact” to their business due to the breach. More than 28 per cent reported “severe” or “very severe” consequences stemming from a cyberattack—with 60 per cent experiencing a website outage and more than a third incurring revenue loss.
Malware scanning and remediation, firewalls, and website backup tools, are the most common website security technologies SMBs use to protect their websites. While 94% of SMBs surveyed already use at least one type of security product or service to protect their websites, 37% of those who experienced an attack in the past year concede that they had some form of website security in place at the time—further underscoring the need for better, or additional, website security.
Sectigo President of Partners and Channels Michael Fowler said: “As SMBs increasingly digitize their operations, their websites become mission-critical for communicating with customers and conducting business. No business is too small a target. Attacks continue to evolve, and hackers are increasingly resourceful, making it critical for SMBs to invest in multi-layered solutions that stay ahead of ever-changing threats.”