Key Takeaways
- 43% of small businesses said they have been the target of cyber attacks
- 71% of all breaches in the 2024 Verizon DBIR involved criminal threat actors
- 60% of breaches used stolen credentials or credentials obtained through phishing
- 1 in 10 organizations experienced operational disruption for more than 1 month after a breach, according to IBM Cost of a Data Breach 2023
- $4.45 million is the global average total cost of a data breach in 2023 (IBM Cost of a Data Breach Report 2023)
- $1.12 million is the average cost per incident for breaches involving ransomware in 2023 (IBM Cost of a Data Breach Report 2023)
- In the 2023 Verizon DBIR, the median time to detect was 2 days and time to respond was 14 days
- In IBM data breach research, the average time to identify a breach was 207 days (Cost of a Data Breach Report)
- In IBM data breach research, average time to contain was 73 days (Cost of a Data Breach Report)
Nearly half of small businesses face cyber attacks, and breaches often start with human error and stolen credentials.
Related reading
01 · Category
Industry Trends20 stats
Industry Trends Interpretation
02 · Category
Cost Analysis23 stats
Cost Analysis Interpretation
More related reading
03 · Category
Performance Metrics20 stats
Performance Metrics Interpretation
Cite This Report
This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.
Marcus Afolabi. (2026, February 13). Small Business Cyber Attack Statistics. Gitnux. https://gitnux.org/small-business-cyber-attack-statistics
Marcus Afolabi. "Small Business Cyber Attack Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/small-business-cyber-attack-statistics.
Marcus Afolabi. 2026. "Small Business Cyber Attack Statistics." Gitnux. https://gitnux.org/small-business-cyber-attack-statistics.
Sources & references
17 datasets cited across this report · attribution is report-level
+9 additional datasets cited (not shown individually)

