About the ITRC 2023 Business Impact Report
The ITRC, using the SurveyMonkey platform, conducted an online survey to explore the impacts of cybercrimes on small businesses as defined by the U.S. Small Business Administration. The survey was conducted in September 2023, covering the previous 12 months unless otherwise noted in a specific question. The online questionnaire was completed by 551 individuals; 276 met the criteria of being a person in a leadership position or an IT professional at a company of 500 or fewer employees, including solopreneurs. One hundred ninety-nine (199) reported being the victim of a cyberattack, a data breach or both in the past 12 months. This year’s report reflects responses from businesses ranging from single-employee companies to organizations with 500 employees. The responses also reflect a wide range of industries with a slight concentration in retail entities.
By far, the largest number of general survey responses came from people who identified as business owners or partners, followed by C-Suite Officers and Sr. Executives. Unless otherwise noted in a specific question, the term “breach” refers to both a data and security breach (successful cyberattack).
Unless otherwise noted in a specific question, the term “breach” refers to both a data and security breach.