Businesses with revenues exceeding $50 million (£40.5m) are 2.5x more likely to face cyber incidents – that’s according to a new Cyber Roundup Report published today by Cowbell, a leading provider of cyber insurance for small and medium-sized enterprises (SMEs) and middle-market businesses.
Drawing on a vast three-year data set from over 46 million SMEs across the US, UK, and Japan, Cowbell’s new report stands apart from others globally.
As well as spotlighting the frequency of attacks among larger organizations, the report also sheds light on the heightened vulnerability of smaller SMEs due to limited cybersecurity resources, and the escalating threat of supply chain attacks and industry-specific cyber exposure.
Discussing the report findings, Cowbell founder and CEO Jack Kudale said: “The digital age has opened up some incredible avenues for business growth. But in the same breath, it’s also brought a complex set of cyber risks. Across the board, we’re seeing cybercriminals capitalize on interconnectivity, automation, and emerging tools like AI to launch increasingly sophisticated attacks.”
Key findings include:
- Supply chain attacks have surged by 431% since 2021, indicating a growing vulnerability in interconnected business ecosystems.
- The manufacturing sector emerges as the most at-risk, with cyber risk scores 11.7% below the global average – a finding driven by the sector’s reliance on automation and the sensitivity of its intellectual property.
- Public administration and educational services also face elevated risks, particularly from ransomware attacks, with a 70% increase in attacks on educational institutions over the past year.
- Five risky technology categories were identified, and include operating systems, content management tools, virtualization technologies, server-side technologies, and business applications.
Kudale continues: “This report underscores one particularly critical reality: no business – large, small, or niche – is immune to cyber threats. Larger organizations are key targets because of their vast data and complex operations, while smaller businesses are at risk due to supply chain vulnerabilities and limited cybersecurity resources. The latter may face a lower frequency of attacks overall, however, the consequences of a single incident can be devastating, including significant financial losses, crippling downtime and business interruption, and, in some cases, closure. The stark 70% rise in attacks on educational institutions, many under-resourced, highlights how vulnerable underprepared sectors can be.”
In addition to the report’s key findings, Cowbell provides businesses with practical recommendations for cyber risk management, emphasizing the role of comprehensive third-party risk management, technology risk prioritization, and the importance of regular employee training and robust Incident Response Plans (IRPs).
“To stay resilient, leaders across businesses of all sizes and sectors need to prioritize cybersecurity just as they would any other core aspect of their operations. At Cowbell, we’re committed to equipping SMEs and mid-market businesses with the insights and resources they need to protect themselves in this evolving threat landscape,” Kudale adds.
To learn more and download the full report, please visit cowbell.insure.