New Report Says 1 in 5 SMBs Would Be Forced to Shutter After Successful Cyberattack

Small and medium-sized businesses (SMBs) play a crucial role in the U.S. economy, making up 99.9% of all businesses and contributing to half of the nation's GDP. However, these vital economic growth drivers face an escalating threat—cyberattacks that could put them out of business.

VikingCloud’s 2025 SMB Threat Landscape Report states that nearly 1 in 5 SMBs would be forced to close their doors following a successful cyberattack. Even more concerning, 55% of SMBs report that a financial loss from a successful cyberattack of $50,000 or less would shut them down, with 32% at risk of closure from losses as low as $10,000.

Despite these risks, many SMBs attempt to self-manage their cybersecurity without the right expertise or resources. SMB owners already wear too many hats - from operations, payroll, customer service, and more - and don’t have time for cybersecurity. They assume they're too small to be a target or protected simply because they've purchased a point solution, like a firewall, without understanding how it works.

Even a single attack can have devastating financial and operational consequences without proper protection, pushing businesses to the brink of closure.

For SMBs, cybersecurity is no longer just an enterprise issue—it’s a matter of survival. However, many SMBs still fall short in their preparedness, putting their long-term viability at risk.

Why Small Businesses Struggle with Cybersecurity Management

While 80% of SMBs recognize they have cybersecurity vulnerabilities, many struggle to make basic improvements. Instead of hiring professional experts or outsourcing to a Managed Security Service Provider (MSSP), 74% of SMBs either self-manage their cybersecurity or rely on friends or family members who lack the necessary expertise. This expertise gap creates critical vulnerabilities.

23% of SMB owners admit they don’t fully understand their cybersecurity risks. 26% acknowledge that the person managing their security lacks proper training. By treating cybersecurity as an afterthought or entrusting it to underqualified individuals, SMBs inadvertently expose themselves to growing cyber threats.

For example, while 44% of SMBs have firewalls, many lack the expertise to maintain and configure them properly. As a result, when an attack occurs, they are unsure where to begin or who to contact, leaving them scrambling in a crisis without a clear response plan.

This lack of preparedness directly impacts business operations and revenue, especially for those reliant on point-of-sale (POS) systems. If a cyberattack leads to POS downtime, transactions stop, and cash flow is immediately disrupted—something 33% of SMBs have already experienced. Meeting essential expenses like payroll or rent becomes a serious challenge without incoming revenue, pushing businesses toward financial instability.

These vulnerabilities are concerning as cyberattacks on SMBs become more advanced and severe. Nearly half (48%) of SMBs report that they or an employee have received phishing emails or text messages, with 18% admitting their employees are at risk of falling victim to these attacks.

In the past year alone, SMBs have also faced malware (24%), denial-of-service (19%), and ransomware (14%) attacks. Alarmingly, 19% have also encountered deepfake schemes designed to manipulate employees into granting access to sensitive business accounts. Compounding the issue, SMBs are twice as likely to be unaware they’ve been breached by more sophisticated attacks, like a deepfake, compared with more common threats like network downtime.

It’s clear that cybersecurity self-management is not a viable option – it keeps SMBs in the cross-hairs of cybercriminals, putting their growth and financial stability at risk.

The Total Cost of Cyberattacks on SMBs

The impact of a cyberattack on SMBs extends far beyond immediate financial loss—it triggers a cascade of repercussions that make recovery challenging. While a business may be able to initially grapple with direct financial hits, the combination of downtime, customer loss, and legal complications can quickly spiral into a more severe crisis.

According to VikingCloud’s research, 55% of SMBs experience operational disruptions, 36% lose customers due to reputational damage, and 12% face legal trouble. This affects revenue and makes rebuilding trust and attracting new clients a daunting task.

For SMBs that already operate on tight margins, this cumulative effect often leaves little room for recovery, making it harder to bounce back from the initial blow. The combination of financial loss and these lasting repercussions underscores the critical need for proactive cybersecurity measures to help mitigate both immediate and long-term damage.

Future-Proofing SMBs Against Cyber Threats

Cybersecurity is more than just defense against attacks; it's essential for business continuity, customer trust, and sustainable growth. As SMBs invest more in technology, like artificial intelligence, those prioritizing cybersecurity will gain a competitive edge and remain resilient.

However, many SMB owners are not prepared to make critical strategic decisions that will shape their cybersecurity posture. This is often due to a lack of technical expertise and the need to focus on daily operations. They don’t have time to address long-term security needs, struggle with choosing the right tools, understand evolving threats, and implement effective solutions.

For many SMBs, partnering is a strategic move that levels the playing field against larger competitors. For example, MSSPs deliver expertise, cutting-edge technology, and dedicated resources without the need for extensive in-house training or large security budgets.

By providing services such as threat detection, incident response, and compliance management, MSSPs help SMBs stay ahead of evolving cyber threats while minimizing downtime, reducing financial losses, and tailoring security strategies to industry-specific risks. This makes them a valuable asset for businesses striving to maintain a competitive edge.

Featured

  • Nothing Artificial About this Intelligence

    I have been looking forward to this year’s GSX show in New Orleans, the Cresent City, or if you prefer The Big Easy. It seems like quite a while since we’ve been here. Twenty years ago, ASIS, as it was known then was literally washed out of the city by someone known as Katrina. It is a good thing to come back to NOLA. Read Now

  • From Monitors to Mission Control

    Security Operations Centers (SOC) were once defined by rows of static monitors, each displaying a single feed with operators quietly watching for issues. That model has become obsolete. Incidents evolve too quickly, data comes from multiple locations, and decisions must be made in seconds—not minutes. Read Now

  • New Gas Monkey Garage Venue Uses AI-Enhanced Video Technology

    Gas Monkey Garage, the automotive custom shop and entertainment brand founded by Richard Rawlings of Fast N’ Loud TV fame, has opened a vibrant new restaurant and bar in South Dakota, equipped with advanced, AI-enhanced video tech from IDIS Americas. Read Now

  • Data Driven, Proactive Response

    As cities face rising demands for smarter policing and faster emergency response, Real Time Crime Centers (RTCCs) are emerging as essential hubs for data-driven public safety. In this interview, two experts with deep field experience — Ross Bourgeois of New Orleans and Dean Cunningham of Axis Communications — draw on decades of operational, leadership and technology expertise to share how RTCCs are transforming public safety through innovation, interagency collaboration and a relentless focus on community impact. Read Now

  • Integration Imagination: The Future of Connected Operations

    Security teams that collaborate cross-functionally and apply imagination and creativity to envision and design their ideal integrated ecosystem will have the biggest upside to corporate security and operational benefits. Read Now

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.