New BlackFog research: 61% of SMBs were victims of a cyberattack in the last year

Cheyenne, Wyoming, June 13, 2023 – 61% of SMBs have been hit by a successful cyberattack in the last year, according to new findings released today from BlackFog. The research study, which examined the business impact of cybersecurity for organizations in the US and UK, also revealed the growing importance of engaging with trusted partners to meet their security challenges.

Businesses are also falling victim to repeat attacks, with 87% of IT decision makers stating they had experienced two or more successful attacks in the past 12 months. On average organizations saw close to five successful data breaches, malware or ransomware attacks affecting their network.

Critically for SMBs, the main impact of an attack was business downtime, which affected 58% of respondents. The successful attacks also negatively impacted customer trust and retention with a third of all respondents reporting that the incidents resulted in the loss of customers. Worryingly, 39% of organizations affected also reported a loss of customer data.

“Cybercriminals naturally gravitate towards targeting organizations with the lowest level of protection and this typically means small to medium business come under fire”, said Dr. Darren Williams, Founder and CEO of BlackFog. “With 89% of all attacks involving some form of data exfiltration, it is paramount for organizations to prioritize the protection of their most valuable business critical asset, their data.”

The significant business impact of cyberattacks points to a growing opportunity for service providers to support and advise their customers.

When seeking advice on new security solutions, the opinions of providers or channel partners were valued more highly than that of peers by decision-makers.  In fact, more than a quarter of all respondents (26%) rated providers and partners as the most highly trusted compared with colleagues in their company (21%), analysts (16%) and peers within other organizations (10%).

Amongst the key findings on partnerships with external providers, the research also revealed:

• More than two-thirds of respondents, 69%, stated they were more likely to ask their partner for advice on new cybersecurity solutions compared to last year.
• 41% of respondents stated that knowledge of cyberthreats was the biggest challenge in effective protection; highlighting how service providers and partners have a vital role to play in providing access to information and expertise.
• The majority, 87% of respondents, stated that they felt their IT providers were focused on understanding their cybersecurity challenges. However, only 39% of respondents felt they understood all their challenges.
• High-security standards are expected from partners, with more than a third of respondents (38%) stating this was the main determining factor when choosing a managed security provider.

“There is a huge opportunity for solution providers and partners to build new relationships in this market, as SMBs struggle to navigate a rising tide of growing cybersecurity threats. Now, more than ever, as a trusted partner, MSPs have an important responsibility to ensure their client’s data is protected from extortion”, continued Dr. Darren Williams. “Existing defensive-based approaches are no longer enough for today’s polymorphic attacks, leveraging data exfiltration as the main weapon of choice.”

BlackFog is the category-defining vendor in anti data exfiltration (ADX). Founded in 2015, the company invented ADX on the thesis that the endpoint is the only control point capable of stopping data from leaving an organization, an architectural bet that has now been validated across three exfiltration vectors: ransomware, shadow AI, and autonomous AI agents. BlackFog’s endpoint-native platform protects more than 500 enterprises, government agencies, and critical infrastructure operators worldwide. 

The company is the publisher of the annual State of Ransomware report and the BlackFog/Sapio Shadow AI Research, the most-cited primary research in the category. BlackFog’s recognition includes the teiss Awards 2026, the AI Excellence Award 2026, the Cybersecurity Excellence Awards 2026, and the Cybersecurity Breakthrough Award. Headquartered in San Francisco with international operations in London and Belfast. Learn more at blackfog.com.

1. The results from this survey are from an online survey Sapio Research fielded on behalf of BlackFog with 400 IT decision makers in the US and UK from companies with 100-999 employees.