Despite an improvement in preparedness, small businesses in the US remain highly vulnerable to cyber incidents. A recent report indicates that, although these businesses paid less to address cyber incidents last year, the number of attacks and breaches increased.

The median number of attacks rose from 3 in 2022 to 4 in 2023, with 41% of small businesses falling victim to cyber attacks in 2023 – a notable increase from previous years. The report, conducted by Hiscox and based on a survey of over 500 small business professionals, highlights concerns about the frequency and impact of cyber attacks on small businesses.

Chris Hojnowski, Vice President and Product Head of Technology and Cyber at Hiscox USA, emphasized the significance of these findings. He expressed worry that the 41% figure illustrates how close small businesses are to experiencing a cyber attack.

One positive note from the report is the slight decrease in the cost of addressing cyber breaches, though the increase in the number of attacks has offset this improvement. Additionally, advancements in artificial intelligence have made it harder to detect phishing emails, posing further challenges for small businesses.

Hojnowski stressed the importance of staying vigilant and utilizing AI tools to protect against cyber threats. He also underscored the need for increased investments in cyber security, training, and insurance, pointing out that 59% of small businesses do not provide security awareness training and 43% lack network-based firewalls.

The report also revealed that the US ranks second in cyber maturity, but only 4% of small businesses are experts in cyber security, while 63% are considered intermediate. These findings highlight the need for continued efforts to enhance cyber readiness among small businesses.

Overall, the Hiscox report sheds light on the ongoing challenges small businesses face in combating cyber threats and the need for comprehensive approaches to strengthen their resilience.