According to a new Cyber Roundup Report published by Cowbell, a provider of cyber insurance for small and medium-sized enterprises (SMEs) and mid-market businesses, companies with revenues surpassing $50 million (£40.5m) are 2.5 times more likely to experience cyber incidents.
The report, based on an extensive three-year data set from over 46 million SMEs across the US, UK, and Japan, offers unique insights that set it apart from other global studies.
In addition to highlighting the increased frequency of cyber attacks among larger organisations, the report also emphasises the greater vulnerabilities faced by smaller SMEs, which often lack sufficient cybersecurity resources.
It also addresses the growing threat of supply chain attacks and the specific cyber risks associated with different industries.
Cowbell founder and CEO Jack Kudale commented: “The digital age has opened up some incredible avenues for business growth. But in the same breath, it’s also brought a complex set of cyber risks. Across the board, we’re seeing cybercriminals capitaliSe on interconnectivity, automation, and emerging tools like AI to launch increasingly sophisticated attacks.”
Key findings from Cowbell’s latest report reveal a significant surge in supply chain attacks, which have increased by 431% since 2021, underscoring the growing vulnerability of interconnected business networks.
The manufacturing sector is identified as the most at-risk, with cyber risk scores 11.7% lower than the global average. This heightened risk is primarily attributed to the sector’s reliance on automation and the sensitivity of its intellectual property.
Public administration and educational services are also facing elevated threats, particularly from ransomware attacks. Over the past year, educational institutions have experienced a 70% increase in such attacks.
The report further highlights five technology categories that present notable risks: operating systems, content management tools, virtualisation technologies, server-side technologies, and business applications.
Kudale continued: “This report underscores one particularly critical reality: no business – large, small, or niche – is immune to cyber threats. Larger organisations are key targets because of their vast data and complex operations, while smaller businesses are at risk due to supply chain vulnerabilities and limited cybersecurity resources.
“The latter may face a lower frequency of attacks overall, however, the consequences of a single incident can be devastating, including significant financial losses, crippling downtime and business interruption, and, in some cases, closure. The stark 70% rise in attacks on educational institutions, many under-resourced, highlights how vulnerable underprepared sectors can be.”
In addition to the key findings, Cowbell offers practical recommendations for businesses to manage cyber risk. The report stresses the importance of comprehensive third-party risk management, prioritising technology risks, and ensuring regular employee training. It also underscores the need for robust Incident Response Plans (IRPs) to effectively address potential cyber threats.
“To stay resilient, leaders across businesses of all sizes and sectors need to prioritise cybersecurity just as they would any other core aspect of their operations. At Cowbell, we’re committed to equipping SMEs and mid-market businesses with the insights and resources they need to protect themselves in this evolving threat landscape,” Kudale further added.
