Too Small to Fail?

75% would likely only survive 5-7 days after a ransomware attack

Busting two cybersecurity myths that many small and mid-size businesses believe in.

4/03/2023 11:00 A.M.

Many small and mid-size businesses (SMBs) mistakenly believe they are too small to be a target for cybercriminals—and that they can’t afford good cybersecurity. Let’s bust those myths now.

You are NOT too small to be a target for a cyber attack. If you have sensitive data, you’re a target.

Some stats to consider:

  • 61% of SMBs were the target of a cyberattack in 2021.*
  • 82% of ransomware attacks in 2021 were against companies with fewer than 1,000 employees. **
  • Employees of small businesses experience 350% more social engineering attacks than those at larger enterprises.***
  • 87% of small businesses have customer data that could be compromised in an attack.****

Cyber adversaries love SMBs because they prefer what they perceive as low-hanging fruit. So now that you know you are not too small to be the next victim of a cyber-attack, let’s bust the second prevalent myth: cybersecurity is too expensive for me to afford.

According to the CYE’s new Cybersecurity Maturity Report 2023, companies can still achieve a high cybersecurity maturity posture without a large budget. The report found that small- and medium-sized organizations had better cybersecurity maturity scores than organizations with over 10,000 employees. Managed services providers like TPx have experts on staff who are available 24/7 and can take a burden off your IT teams, usually for less than doing it in-house.

With a growing number of regulations, including the upcoming FTC Safeguards Rule, having proper safeguards in place becomes less of a choice. We encourage businesses of all sizes to act sooner than later, as every day of having exposed systems can result in serious consequences. Some 75% of SMBs polled in an SMBRS survey said they’d be able to survive only three to seven days following a ransomware attack.

If you want to instantly augment your IT team or get help with cybersecurity, go to to get started.

* 2022 Data Breach Investigations Report | Verizon

** Law enforcement pressure forces ransomware groups to refine tactics in Q4 2021

*** Spear-phishing report: Social engineering and growing complexity of attacks – Journey Notes

**** 51% of small business admit to leaving customer data unsecure –

If you have executive leadership updates or other member news to share with ACA, contact our communications department at [email protected]. View our publications page for more information and our news submission guidelines here.




Collector Magazine
One moment please...

Share Profile

This site uses cookies. By continuing to use our site, you are agreeing to our use of cookies. Review our Privacy Policy for more information. You may change your preferences on how cookies are stored by reviewing the settings on your browser.

The content on this site is presented for educational, general reference, and informational purposes only; is not intended to serve as legal or other advice; is not intended to be a full and exhaustive explanation of the law in any area; and should not replace the advice of your own legal counsel. By continuing to use our site, you are agreeing to the legal disclaimers in our Terms of Use. Review our Terms of Use for more information.

Friendly Reminder

Get continued access to ACA International’s wide array of resources, which can help you become more profitable, compliant and successful.

Renew your membership today to take advantage of tools you won’t find anywhere else:

  • Discounts on seminars, products, services and events
  • Resources to strengthen your compliance department
  • Industry-specific risk management products and services
  • Participation in ACA’s online community, The Hub
    Members-only website content
  • Professional development and training opportunities, and so much more!

If you have completed your renewal, please disregard this reminder.