New Report Says 1 in 5 SMBs Would Be Forced to Shutter After Successful Cyberattack

Small and medium-sized businesses (SMBs) play a crucial role in the U.S. economy, making up 99.9% of all businesses and contributing to half of the nation's GDP. However, these vital economic growth drivers face an escalating threat—cyberattacks that could put them out of business.

VikingCloud’s 2025 SMB Threat Landscape Report states that nearly 1 in 5 SMBs would be forced to close their doors following a successful cyberattack. Even more concerning, 55% of SMBs report that a financial loss from a successful cyberattack of $50,000 or less would shut them down, with 32% at risk of closure from losses as low as $10,000.

Despite these risks, many SMBs attempt to self-manage their cybersecurity without the right expertise or resources. SMB owners already wear too many hats - from operations, payroll, customer service, and more - and don’t have time for cybersecurity. They assume they're too small to be a target or protected simply because they've purchased a point solution, like a firewall, without understanding how it works.

Even a single attack can have devastating financial and operational consequences without proper protection, pushing businesses to the brink of closure.

For SMBs, cybersecurity is no longer just an enterprise issue—it’s a matter of survival. However, many SMBs still fall short in their preparedness, putting their long-term viability at risk.

Why Small Businesses Struggle with Cybersecurity Management

While 80% of SMBs recognize they have cybersecurity vulnerabilities, many struggle to make basic improvements. Instead of hiring professional experts or outsourcing to a Managed Security Service Provider (MSSP), 74% of SMBs either self-manage their cybersecurity or rely on friends or family members who lack the necessary expertise. This expertise gap creates critical vulnerabilities.

23% of SMB owners admit they don’t fully understand their cybersecurity risks. 26% acknowledge that the person managing their security lacks proper training. By treating cybersecurity as an afterthought or entrusting it to underqualified individuals, SMBs inadvertently expose themselves to growing cyber threats.

For example, while 44% of SMBs have firewalls, many lack the expertise to maintain and configure them properly. As a result, when an attack occurs, they are unsure where to begin or who to contact, leaving them scrambling in a crisis without a clear response plan.

This lack of preparedness directly impacts business operations and revenue, especially for those reliant on point-of-sale (POS) systems. If a cyberattack leads to POS downtime, transactions stop, and cash flow is immediately disrupted—something 33% of SMBs have already experienced. Meeting essential expenses like payroll or rent becomes a serious challenge without incoming revenue, pushing businesses toward financial instability.

These vulnerabilities are concerning as cyberattacks on SMBs become more advanced and severe. Nearly half (48%) of SMBs report that they or an employee have received phishing emails or text messages, with 18% admitting their employees are at risk of falling victim to these attacks.

In the past year alone, SMBs have also faced malware (24%), denial-of-service (19%), and ransomware (14%) attacks. Alarmingly, 19% have also encountered deepfake schemes designed to manipulate employees into granting access to sensitive business accounts. Compounding the issue, SMBs are twice as likely to be unaware they’ve been breached by more sophisticated attacks, like a deepfake, compared with more common threats like network downtime.

It’s clear that cybersecurity self-management is not a viable option – it keeps SMBs in the cross-hairs of cybercriminals, putting their growth and financial stability at risk.

The Total Cost of Cyberattacks on SMBs

The impact of a cyberattack on SMBs extends far beyond immediate financial loss—it triggers a cascade of repercussions that make recovery challenging. While a business may be able to initially grapple with direct financial hits, the combination of downtime, customer loss, and legal complications can quickly spiral into a more severe crisis.

According to VikingCloud’s research, 55% of SMBs experience operational disruptions, 36% lose customers due to reputational damage, and 12% face legal trouble. This affects revenue and makes rebuilding trust and attracting new clients a daunting task.

For SMBs that already operate on tight margins, this cumulative effect often leaves little room for recovery, making it harder to bounce back from the initial blow. The combination of financial loss and these lasting repercussions underscores the critical need for proactive cybersecurity measures to help mitigate both immediate and long-term damage.

Future-Proofing SMBs Against Cyber Threats

Cybersecurity is more than just defense against attacks; it's essential for business continuity, customer trust, and sustainable growth. As SMBs invest more in technology, like artificial intelligence, those prioritizing cybersecurity will gain a competitive edge and remain resilient.

However, many SMB owners are not prepared to make critical strategic decisions that will shape their cybersecurity posture. This is often due to a lack of technical expertise and the need to focus on daily operations. They don’t have time to address long-term security needs, struggle with choosing the right tools, understand evolving threats, and implement effective solutions.

For many SMBs, partnering is a strategic move that levels the playing field against larger competitors. For example, MSSPs deliver expertise, cutting-edge technology, and dedicated resources without the need for extensive in-house training or large security budgets.

By providing services such as threat detection, incident response, and compliance management, MSSPs help SMBs stay ahead of evolving cyber threats while minimizing downtime, reducing financial losses, and tailoring security strategies to industry-specific risks. This makes them a valuable asset for businesses striving to maintain a competitive edge.

Featured

  • The Impact of Convergence Between IT and Physical Security

    For years, the worlds of physical security and information technology (IT) remained separate. While they shared common goals and interests, they often worked in silos. Read Now

  • Unlocking Trustworthy AI: Building Transparency in Security Governance

    In situations where AI supports important security tasks like leading investigations and detecting threats and anomalies, transparency is essential. When an incident occurs, investigators must trace the logic behind each automated response to confirm its validity or spot errors. Demanding interpretable AI turns opaque “black boxes” into accountable partners that enhance, rather than compromise, organizational defense. Read Now

  • Seeking Innovative Solutions

    Denial, Anger, Bargaining, Depression and Acceptance. You may recognize these terms as the “5 Phases” of a grieving process, but they could easily describe the phases one goes through before adopting any new or emerging innovation or technology, especially in a highly risk-averse industry like security. However, the desire for convenience in all aspects of modern life is finally beginning to turn the tide from old school hardware as the go-to towards more user-friendly, yet still secure, door solutions. Read Now

  • Where AI Meets Human Judgment

    Artificial intelligence is everywhere these days. It is driving business growth, shaping consumer experiences, and showing up in places most of us never imagined just a few years ago. Read Now

  • Report: Only 44 Percent of Organizations are Fully Equipped to Support Secure AI

    Delinea recently published new research on the impact of artificial intelligence in reshaping identity security. According to the report, “AI in Identity Security Demands a New Playbook,” only 44% of organizations say their security architecture is fully equipped to support secure AI, despite widespread confidence in their current capabilities. Read Now

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.