Business owners' increased use of technology creates new gateways for cybercriminals

Using connected technologies like artificial intelligence, drones, robotics or wearable sensors can increase a business's likelihood of being a cyberattack victim because these technologies give cybercriminals new access points into a company's IT infrastructure if not properly protected.

91 percent of business owners use one of these technologies - and 48 percent are unconcerned they will increase the likelihood of a cyberattack.

According to Nationwide's fourth annual Business Owner Survey, while the number of self-reported cyberattacks against the U.S. small and mid-sized businesses surveyed declined four percentage points year-over-year, the number of business owners who are unconcerned with cyberattacks spiked, with an 18 percentage point year-over-year difference (22 percent unconcerned in 2017 vs. 40 percent unconcerned in 2018) - and those "very unconcerned" grew nearly 50 percent (9 percent in 2017 vs. 17 percent in 2018). Alongside this lack of concern, 65 percent of business owners do not have a dedicated employee or vendor in place to monitor for cyberattacks - an 8-percentage point increase from 2017.

"Cybercriminals are increasingly gaining access to businesses' systems through connected technology," said Karen Johnston, expert cyber consultant for Nationwide. "Many business owners don't realize that using drones or even smart devices makes their business more susceptible to cyberattacks - especially if they don't take the proper precautions or put someone in charge of monitoring for attacks. The scary fact we're seeing is that business owners are becoming more apathetic toward their risk of cyberattacks and therefore aren't protecting themselves as well, even though the concern of cyberattacks against them is still very real."

Business owners lack clarity on what a cyberattack really is, which can make an attack more difficult to protect against. According to Nationwide's study, which surveyed 1,000 business owners with between 1-499 employees, only 9 percent said their business had been a cyberattack victim when asked directly. Yet when given a list, 50 percent said their business experienced at least one type of harmful cyber activity. This points to a 41-percentage point awareness gap of what a cyberattack is. Computer viruses (27 percent) and phishing attacks (25 percent) were the most frequently reported type of attack.

Business owners also report more than a 20 percentage point gap across the board in the U.S. Small Business Administration 's cybersecurity best practices that they say are important versus those that they implement. For example:

For more information, visit Nationwide's blog page and Business Solutions Center.