Data Protection Tool

What the 2023 Datto Ransomware Report Says About SMBs and Cybersecurity

Picture of Dale Shulmistra

Dale Shulmistra


Ransomware Report

Ransomware attacks have decreased and stabilized over the past two years, following a period of frenzied activity that wreaked havoc on organizations of every kind. However, the news hasn’t been nearly as promising for small to medium-sized businesses (SMBs), which experienced a 40% increase in ransomware attacks in 2021. In light of this frightening statistic, businesses both large and small have begun making deliberate and detailed plans for strengthening their cybersecurity. The 2023 Datto ransomware report reveals that SMBs have stepped up their cybersecurity spending and technology, but there’s still plenty of room for improvement.

Below, we highlight some of the most disturbing statistics in the Datto ransomware report, with the hope that more businesses will begin reevaluating their business continuity solutions. We’ll also dig into some encouraging signs that show that SMBs are taking cybersecurity more seriously than they have in the past.

Understanding the Datto Ransomware Report

For the past seven years, Datto has surveyed IT decision-makers to identify their concerns about cybersecurity. Findings from the Datto ransomware report have been covered by several media organizations, including Government TechnologyBusiness Wire, and Computer Weekly, but few of them go into detail about how the report was created or why it’s so significant. Before we discuss the results of the report, let’s give it some critical context.

How It’s Made

The findings from Datto’s cybersecurity survey are published in the annual State of Ransomware Report, which is technically titled the Datto SMB Cybersecurity for MSPs Report. MSPs are companies that manage IT solutions, such as business continuity and disaster recovery (BCDR) solutions, networking, and other infrastructure, for their business clients.

The report includes key statistics and trends about past, present, and future threats and how IT teams are responding to them. To get a clearer picture of how these findings are put together, here’s what you need to know:

  • The report is based on survey results from more than 3,000 IT professionals in small to medium-sized businesses across eight countries: the United States, the United Kingdom, Canada, Germany, the Netherlands, New Zealand, Australia, and Singapore.
  • The survey was conducted during July and August of 2022.
  • The report targets points of concern for SMBs as well as potential areas for growth by MSPs.
  • Although it’s focused on SMBs, the results of the report are informative for businesses of all sizes.
  • To qualify as a respondent for the survey, IT professionals were required to work for SMBs with between 10 and 300 employees in select markets.

Datto is a provider of business continuity solutions and data-backup technology and partners with MSPs to serve businesses around the world, so they have a thorough understanding of cybersecurity and its role in a business’s long-term success.

Why It Matters

Datto’s report is noteworthy in part because it focuses on SMBs, which are often overlooked in the larger cybersecurity discussion. While well-known businesses like Cisco, which experienced a ransomware attack in May 2022, often dominate the cybersecurity headlines, smaller businesses are in just as much, if not more, danger as their big-name competitors. They not only have fewer financial resources to fall back on, but they also tend to have less money to spend on cybersecurity, making them especially enticing for bad actors who are looking for easy targets.

The Datto report also presents insider perspectives on pressing issues that can cause significant financial and reputational harm to businesses across multiple industries. From phishing calls to stolen credentials to ransomware, SMBs are at risk of losing money, time, and productivity that they simply cannot afford to waste.

Key Findings & Trends: Signs of Progress and Cause for Concern

Let’s start with some of the most significant figures in Datto’s report. Datto’s survey is wide-ranging, encompassing a variety of cybersecurity concerns for SMBs, and the results are a mix of good and bad news. Some data points show definite improvements and others underscore continuing problems:

  • Around 40% of SMBs are investing in cybersecurity systems: 
    For years, cybersecurity experts have sounded the alarm that small businesses were at just as much risk of a cybersecurity attack as their larger counterparts, but their warnings often went ignored. Fortunately, that trend seems to be changing, with a growing number of IT professionals indicating that, rather than decreasing their cybersecurity funding, organizations are investing additional funds.
  • Vulnerability assessments are on the rise: More than one-third of respondents reported that their organizations conduct vulnerability assessments at least three times a year. This is a critical step toward reducing the likelihood of a devastating cybersecurity failure.
  • Almost 75% of companies could crumble due to ransomware: The vast majority of SMBs feel that a ransomware attack would cause them significant damage, potentially leading them to permanently close their doors. As a result, many of them are looking for better options to prevent potential attacks and lower their risk level.
  • More than half of organizations expect an attack: 
    Approximately 60% of SMBs reported that they might experience a ransomware attack over the next year. This statistic is especially startling considering how many organizations expect to fail in the face of ransomware.

Fear is a powerful motivator, and Datto’s report makes clear that businesses are rightfully concerned about the effects of a ransomware attack. The silver lining is that many of them have chosen to take a defensive posture and face the problem head-on instead of waiting and hoping for the best.

Types of Attacks

Attacks are happening right now, as you read this, and businesses are aware that it’s only a matter of time before they face a cybersecurity incident. Datto’s new report illustrates how ransomware and cybersecurity have become top-of-mind concerns for businesses around the world.

While ransomware has been on the decline, one-fourth of SMBs have experienced at least one attack since opening their doors, and 13% of them have fallen victim to ransomware within the past year, locking up their data and bringing operations to a grinding halt. That’s not to mention the overwhelming number of SMBs that have faced other cybersecurity threats, including viruses, phishing scams, and fraud.

When it comes to which attacks are most likely to occur and which would be most damaging, the data brings some interesting things to light. Here’s what Datto’s research shows:

  • Phishing is the biggest concern: 
    When asked what issues they believe are the biggest cause of cybersecurity problems, 37% of respondents selected phishing emails, which is no surprise considering that more than 30% of organizations experienced phishing attacks over the previous 12 months.
  • Viruses aren’t going anywhere: Around a third of SMBs have experienced one or more computer viruses over the past year.
  • Ransomware is less common but more dangerous: Although fewer organizations recently faced a ransomware attack, IT professionals believe that ransomware would have a far greater impact than phishing.

Keep in mind that phishing and ransomware are not mutually exclusive. In many cases, phishing is simply a vehicle to deliver a bigger threat, particularly ransomware. What begins as an employee unknowingly opening a phishing link in an email may lead to locked and lost data, ransom demands, and downtime.

Why SMBs Are Vulnerable

With so many threats on the horizon, it’s imperative for leaders at SMBs and IT departments to fortify their defenses and institute cybersecurity best practices. Unfortunately, many organizations still have flawed systems, policies, and procedures that place them at greater risk of experiencing an attack.

These are the biggest reasons that SMBs believe they are encountering negative outcomes from phishing, ransomware, and other cybersecurity incidents:

  • A lack of training: Just over 40% of SMBs attribute their cybersecurity weaknesses to insufficient training. These concerns are split almost equally between training for administrators and end-users.
  • Weak passwords and stolen credentials: A password that’s easy to crack or steal stands little chance of protecting valuable business data. Around a quarter of SMBs feel that their cybersecurity issues are a result of weak passwords, and 17% blame lost or stolen employee credentials.
  • Inadequate recovery plans: Businesses have certainly made strides toward strengthening their recovery planning, but a minority are placing a high priority on creating truly optimized plans. Only 29% of respondents said that they had a best-in-class recovery plan in place, and nearly 20% of organizations either have no plan or are unaware of whether a plan exists and what it contains.

Until businesses address each of these concerns, they remain at an elevated risk not only of a hack or attack occurring but also of dealing with more extensive damage when they do.

The Biggest Pain Points

Looking at the data for SMBs might give the impression that cybersecurity isn’t an expensive issue. After all, around 15% of organizations receive ransom demands under $1,000, a seemingly small price to pay in the grand scheme of things.

The problem is that this number doesn’t reflect that, even if the ransom demand is small, critical data loss and downtime have much higher price tags.  Here’s how the losses really add up:

  • Downtime is as expensive as ever: On average, SMBs spent $126,000 on downtime, including lost revenue. Around 4% of respondents lost upward of $750,000 to downtime in the past year.
  • Downtime can happen to anyone at any time: Businesses that assume that they’re immune to downtime are taking a big risk. In Datto’s survey, only 12% of respondents said they hadn’t experienced any downtime.
  • Downtime recovery is rarely instantaneous: Almost half of the surveyed organizations experienced more than two days of downtime. A longer recovery period almost always translates to larger financial losses.
  • Ransoms are all over the board: Ransom demands for SMBs range from less than $100 to more than $50,000. Nearly 30% of respondents to Datto’s survey were asked to pay between $10,000 and $50,000, a sum that could be a crippling blow to a small business with limited resources.
  • Paying doesn’t guarantee data restoration: Of the organizations that gave in to hackers’ ransomware demands, one-third still couldn’t decrypt their data and lost it completely. This is a far lower success rate than for organizations that performed disaster recovery and restored their data from full backups.
  • Many SMBs had to start over: Among organizations that experienced a cybersecurity attack, 21% had to reinstall and reconfigure all of their systems. Starting from scratch is a time-consuming and expensive endeavor that usually results in extended operational disruptions.

There’s a bright spot in the midst of this bad news. In 2022, only 3% of respondents paid the ransom, a lower figure than in years past and an indication that SMBs have taken heed of the FBI’s advice that businesses not give in to ransom demands. Paying the ransom is a risky prospect that can have a number of negative consequences, including inviting additional attacks on your business and increasing cyber insurance rates.

What Recovery Looks Like

In a world in which cybersecurity attacks are almost inevitable, businesses should be using the best possible recovery solutions. In spite of this, many organizations continue to rely on outdated and flawed systems. These are the most popular recovery methods for the SMBs in Datto’s report:

  • Manual backups: 49%
  • Copy from old systems: 36%
  • Continuous availability: 36%
  • Third-party BCDR: 32%

The fact that almost half of businesses rely on manual backups is troubling. If an employee forgets to back up data or conducts backups infrequently, there might be a significant data gap when a cybersecurity attack hits.

Most businesses are better served by a quality solution with automatic backups, an option that’s available for not only big corporations but also smaller organizations. Smaller businesses who shy away from more advanced technologies because of the cost can look into affordable backup products designed for businesses that have tight budgets but don’t want to sacrifice features like automatic backups and ransomware detection.

Looking to the Future of Cybersecurity

IT specialists are working to stay ahead or at least keep up with the constantly evolving cybersecurity landscape. When it comes to their future plans for protecting their data and hardware, there are a few areas that are getting the most attention.

Investing in the Cloud

Cloud storage is a convenient and accessible data storage method that’s appealing to businesses of every size and kind. However, many organizations have failed to put adequate protections into place for their cloud services, leading to lost data and extended operational disruptions. Over the next year, 45% of SMBs plan to invest in cloud security, a positive move that goes hand in hand with a trend toward using hybrid cloud backups.

Implementing Ransomware Protection

The frequency of ransomware attacks has fluctuated widely in recent years, but it remains one of the biggest nightmares for SMBs. It shouldn’t be a shock that security products that prevent or deter ransomware infections are at the top of the list of priorities for IT professionals. Consider these findings from Datto’s report:

  • 57% of respondents plan to install or upgrade antivirus software
  • 53% will implement or increase email and spam protection
  • 49% will prioritize file backups

Among the organizations that responded to Datto’s survey, only 31% were completely satisfied with their current security solutions, leaving ample space for making improvements and changes that will better protect them from ransomware and other types of attacks.

The Growth of Cyber Insurance

Purchasing cyber insurance is becoming a common practice for SMBs, who in the past limited their insurance purchases to liability, flood, or disaster coverage. In 2022, 69% of SMBs had cyber insurance, and 37% of organizations that didn’t have it were very likely to invest in it within the next 12 months. The decision to purchase cyber insurance also reflects an overall heightened attention to cybersecurity. According to Datto, SMBs with cyber insurance were more likely to have more IT support and security solutions.

Finding the Right Cybersecurity Solutions

Businesses need a multilayered strategy to defend themselves against ransomware and other cybersecurity problems. No single solution, such as employee training or anti-virus software, will provide complete protection. Businesses must employ a 360-degree approach, backed by a dependable BCDR system, to ensure that they don’t collapse under the crushing weight of a cybersecurity attack.

If you’re still not sure what such an approach might look like, reaching out to Invenio IT is a good place to start. Invenio IT has a team of experts who specialize in business continuity and selecting today’s best data-protection technologies. Reach out to learn more about how to safeguard your business against cybersecurity threats or to book a free demo of the most effective backup solutions on the market.

Get the Ultimate Employee Cybersecurity Handbook
Invenio it logo

Join 23,000+ readers in the Data Protection Forum

Related Articles