Executive Summary

The growing risk of cybercrime threatens every aspect of society. Large corporations and public institutions have spent recent years revamping their cybersecurity units with cutting-edge technology and professionals to ensure they have the best defenses and mitigation practices in place. But what about small and medium sized businesses?

They are just as dependent on computing resources and online communication as any large corporation. If hit with a cyberattack, operations can be severely impacted.

Do SMBs have the technology and trained staff in place to adequately defend against ever-evolving cyber threats? Do they have contingency plans to mitigate damage in case of an attack? Do they carry insurance policies that cover the damage and cost of recovery?

Survey Methodology

During September 2021, Coleman Parkes Research set out to learn what the current state of cybersecurity preparedness is in small businesses in the US and Europe. Four hundred decision makers (owners, managers and IT professionals) from all sectors were surveyed about the state of cybersecurity, plans for improvement and unmet needs.

SMBs Online and In the Cloud

Small businesses rely heavily on technology and are thus susceptible to cyberattack via a large attack surface. The survey shows that 96% of respondents report that all (49%) or some (47%) of business operations and production are currently performed via cloud servers or cloud-hosted services. 89% said connectivity is critical as all or most production and business is done online. Surprisingly, only 30% have 2 or 3 dedicated, in-house IT team members. 31% have just one in-house IT professional. The remaining 40% either retain an external contractor or consult with one on a case-by-case basis.


Remote Work is Here to Stay

Remote work has serious implications for cybersecurity as it dramatically increases the potential attack surface of an organization. Employees connect to and interact with network resources over remote internet connections and often use their own personal devices, which are likely infected with all types of malware.

18% of the SMB workforce currently works remotely or hybrid. SMB managers predict this level will drop only slightly in the next three years to 15%.



The combination of high dependence on digital assets and low capacity for cybersecurity make small businesses a clear target and easy prey for cybercriminals. They also are likely to have access to more cash than the average private individual, therefore ransomware is hitting SMBs particularly hard. After general malware (64%), ransomware (34%) was the second most common type of attack experienced last year. The impact is potentially catastrophic. 8% said they would go out of business. 38% said they would lose business. According to Cybercrime Magazine, “More than half of all cyberattacks are committed against small-to-midsized businesses (SMBs), and 60 percent of them go out of business within six months of falling victim to a data breach or hack.”

To Pay or Not to Pay?

On average, SMBs are willing to pay ~$7,000 to get the business back online in case of a ransomware attack

The question of how to respond to a ransomware attack is hotly debated. We asked SMB owners and decisionmakers, “In the event of a ransomware attack on your business, would you pay the ransom?"

Though nobody wants to pay a ransom and law enforcement discourages it, small business are often left with no other choice.

Small Business Ransomware Case

In a recent case in the UK, a salon with 50 employees that serves 150 customers per day, was hit with a ransomware attack that locked all its computers. They lost access to appointment books, customer contact system. The owners contacted authorities, who advised them not to pay the ransom, but after four days of losing business, they decided to pay.

Some voices in the industry and law enforcement have posed the idea that paying a ransom should be made illegal. They cite that the more people and businesses pay the ransom, the more incentive and resources cybercriminals have to launch more sophisticated attacks.

Essentially the argument is that paying to end a ransomware attack directly supports the growth of the crime. On the other hand, victims are at risk of suffering much greater financial loss if the attack is prolonged.

We asked small business decision makers what their stance is on this hotly debated issue.

One of the reasons SMBs are so willing to pay a ransom is the incredibly high cost inflicted by ransomware and other cyberattacks. The true cost of a cybersecurity incident includes both the lost revenues and the time and money it takes to repair and update systems.

We asked SMBs who experienced a cybersecurity incident in the last year to share the cost of the breach. The total cost is comprised of lost revenue and cost of repair. SMBs that experienced an attack spent an average of 16 hours investigating and repairing the issue.

Workforce Risks

For decades it has been understood that employees themselves pose a serious risk

to an organization’s cybersecurity posture. Insider threat could be an employee intentionally sabotaging systems or stealing sensitive information for revenge or profit.

More likely, it could be an innocent mistake that leads to bad actors gaining access.

Third party contractors also pose a risk as they are often granted generous access to the organization’s network, and they are more difficult to regulate and ensure all their devices and activities are secure.

76% of SMB leaders are concerned that employees using risky applications could put IT security at risk.

SMB managers have plenty of reasons to be concerned about employee activity on the company network. In addition to intentionally or inadvertently exposing the network to threats, online activity can also cause loss of productivity and viewing or sharing of inappropriate content can damage the workplace environment. We asked SMB managers to rank the importance of employee security measures. Protecting employees off-network will remain a high concern for years to come, as SMBs predict WFH will continue at close to current levels for several years.

Cybersecurity Planning and Budget


The discrepancy between awareness and budgets stems from the high cost of cybersecurity professionals and technology

Cyber Insurance

Another way SMBs can protect themselves from the damage inflicted by a major cyber incident is by carrying insurance that specifically covers damages and repairs associated with such incidents.

Considering the National Cyber Security Alliance reported that 60% of small and midsized businesses that are hacked go out of business within six months, the lack of cyber insurance coverage contributes to the vulnerability of this business segment.

Selecting a Solution

Currently, firewalls are the most common form of cybersecurity in place in SMBs, but only 48% have them. The next most common are secure web gateway (33%), and secure email gateway (30%).

Popular suppliers of cybersecurity solutions for SMBs

Currently, the most popular suppliers of cybersecurity solutions for SMBs are IT security specialists. In a tie for second place are IT suppliers/system integrators and Telcos who provide cybersecurity as part of the communications package.

Most important criteria when selecting cyber security solutions

In the graph below, we see that simplicity (53%) and price (48%) are highly important factors when making purchasing decisions about security solutions. Telcos are well positioned to provide a solution that is dramatically simpler and less expensive than the alternatives.

Willingness to Pay (Average)

SMBs are willing to pay their telco for protection network from malware, phishing, ransomware and inappropriate content.

Telcos, Protect Your SMBs

SMBs depend on Telcos to provide reliable connectivity for every aspect of their business. But that connectivity also brings cybersecurity risks that could damage and even lead to bankruptcy for small and medium sized businesses.

This survey shows clearly that your business customers are under attack, have a lot at risk, and have little to no practical ability to protect themselves. They lack the dedicated, in-house expertise, time and money for high end cybersecurity operations.

Luckily, telcos are perfectly positioned to answer this unmet need, while also strengthening brand and increasing SMB revenues. Offering a no-hassle, cost-effective cybersecurity protection solution that covers all aspects of the business, including IoT devices and remote employee connections, is the foundational piece for any telco seeking to take advantage of this unmet market need.

To learn more, download the report.