Among small businesses, we often see a worrying mix of outdated software, weak password hygiene and minimal cybersecurity training.
These issues persist for a few reasons. Many small businesses operate with constrained budgets and lack dedicated IT teams, leading to gaps in both security, strategy and execution.
There’s also a lingering perception that cybercriminals only target larger enterprises which often hold a greater volume and variety of valuable data.
In reality, attackers have been increasingly focusing on small businesses because their defences can be easier to bypass.
In some cases, small businesses are targeted not just for their own data, but as stepping stones into larger partners or clients, making them an even more attractive target.
The rise in automated attacks means it doesn’t cost much for criminals to cast a wide net, and small businesses often fall victim.
Awareness around cyber safety is rising, but without the tools and support to act on that knowledge, vulnerabilities remain.
Can you share some of Norton’s key stand-out facts from its latest report? Why are they important and what trends do they highlight?
The Q1/2025 Threat Report reveals a sharp rise in data breaches, with a 36% increase in incidents and a 186% surge in breached individual records, exposing sensitive information such as passwords, emails and credit card details.
While data breaches are often associated with large corporations, these figures show that smaller organisations are increasingly being targeted.
