Despite improvements in preparedness, small businesses in the US remain highly vulnerable to cyber incidents, according to a recent report. The report reveals that while these businesses paid less to respond to cyber incidents last year, they experienced increased attacks and breaches, with the median number of attacks rising from 3 in 2022 to 4 in 2023.

Additionally, 41% of small businesses fell victim to cyber attacks in 2023, marking a significant increase from previous years. The report, which involved polling over 500 US small business professionals and assessing their preparedness to combat cyber incidents, highlighted some key findings.

These included a decrease in the cost of cyber incidents year over year, offset by the growing number of attacks. The rise in cyber attacks has also been attributed to new artificial intelligence developments, which have made it more challenging to detect phishing emails.

The report emphasized the importance of increased investments in cybersecurity, training, and insurance, as well as the need for constant vigilance and the use of AI tools to protect small business owners from cyber threats. It also revealed that despite an increase in IT security spending, many small businesses still lack security awareness training and network-based firewalls, highlighting areas of vulnerability.

The report also compared the cyber maturity and expertise of small businesses in the US to other countries, indicating that while the US ranks second for cyber maturity, only 4% of small businesses are considered cyber experts, with the majority falling into the intermediate category. The findings of the report are concerning, and it is clear that small businesses need to prioritize cybersecurity measures and invest in training and awareness to better protect themselves from cyber threats.