2020 Just Got Spookier: 3 Cybersecurity Statistics for Small Businesses

Ransomware is something that we’ve blogged about on numerous occasions. If you’re unfamiliar with it, it’s a form of malicious software designed to block access to a computer system or data, often by encrypting data or programs on information technology systems to extort ransom payments from victims in exchange for decrypting the information and restoring victims’ access to their systems or data.


The average amount small businesses are expected to lose over ransomware incidents in 2020.

Why it’s Spooky

Hackers know that small businesses, local government agencies, hospitals, and school districts are more vulnerable due to lack of resources to invest in cybersecurity protection so they take advantage of this.


The percentage of small businesses who have or will experience a security breach in 2020.

Why it’s Spooky

There are nearly 31.7 million small businesses in the US alone. By this metric, over 13 million small businesses will have endured a security breach in 2020, adding to the nightmare of 2020 for small business owners.

3.5 Million

The number of unfilled cybersecurity jobs predicted by 2021.

Why it’s Spooky

This tells us that the candidates who are applying for these positions are unqualified and not nearly as skilled as the malicious actors they’d be in cyber combat with.

Bonus Spooky Statistic

If those statistics weren’t quite spooky enough for you, the increase in ransomware attacks against small businesses since the COVID pandemic began caused the Department of the Treasury to issue an advisory associated with making ransomware payments related to cybercriminal activity.

The Dept. of Treasury released an advisory associated with making ransomware payments related to cybercriminal activity.

Here are some highlights:

  • Ransomware attacks have increased during the pandemic, as malicious actors target computer systems used for conducting business at home with less cybersecurity. Businesses who are victims of ransomware attacks should be aware that they are at risk of violating U.S. sanctions if they engage transactions with malicious cyber actors, even if they believe that paying is the only way to get their data back.
  • Even though the impact of a ransomware attack on a business can be severe, the government does not consider economic coercion or catastrophic financial consequences to excuse violations of these laws.

Takeaway Thought

Every position (IT or not) is also a cybersecurity position now. Employees are the first line of defense, so it’s important to educate and train them as such.

If you’d like to speak with us about cybersecurity training for employees, please contact us here.

Source: 2019 Data Breach Investigation Report, Verizon

Louisville Geek provides comprehensive managed IT services for a diverse range of businesses and non-profit organizations. We are passionate about IT and love what we do!

Stay updated by signing up for our newsletter