Why SMBs in New York Are the Main Targets for Cyber Criminals
                     Compciti Business Solutions Inc
Why SMBs in New York Are the Main 
Targets for Cyber Criminals?
Small and mid-sized businesses (SMBs) in New York have never experience a greater risk from 
cyber criminals than they do today. While there are headlines on attacks against major 
corporations, cyber criminals are rapidly setting their sights on SMBs. These criminals recognize 
that these firms often have weaker defenses, smaller IT teams, and limited resources to bounce 
back after a security breach.
Why SMBs Are the Cyber Targets in New York?
Recent statistics show that approximately 43% of all cyberattacks target small businesses. In 
New York City, the financial, healthcare, and professional services are focused. So, 
ransomware, phishing, and insider threats are rampant, constantly changing, and particularly 
damaging for smaller firms.
In just the last year, one in three SMBs nationwide was hit by a successful cyberattack. 
Around 60% of small businesses that experienced a cyber-incident went out of business 
within six months.
Why Do Weaker Defences Make SMBs Vulnerable?
You might be wondering why hackers focus on New York SMBs. It comes down to the 
following factors:
Limited Security Budgets – Most SMBs in New York don’t have dedicated security teams 
or robust defense systems. In fact, 71% of SMBs agree that their cyber defenses are not 
strong enough. Almost three-quarters manage cybersecurity on their own and often without 
sufficient technical knowledge.
Outdated Technology and Practices – Around half of SMBs depend on basic security 
tools, and one in five has no cybersecurity technology at all. Only 29% rate their defences as 
mature enough to withstand advanced threats. 80% of small businesses don’t follow a formal 
cybersecurity policy.
High Attack Frequency – SMBs experience cyber-attacks every 11 seconds through simple 
methods like phishing emails. Employees are the weakest link, as 30% of SMB breaches start 
from stolen credentials and poor password practices. 87% of small businesses handle 
sensitive customer data that could be compromised.
What Makes Employee Training Essential?
Given these realities, regular employee training can help SMBs to reduce risk. Most attacks 
like phishing, social engineering, and even ransomware start with an employee clicking a 
malicious link or falling for a scam.
 Phishing Risks – Phishing is the major security concern for 75% of SMBs, and the 
trend is increasing. Attackers impersonate banks, vendors, or internal executives to 
trick employees into giving up passwords or transferring funds.
 Insider Threat – Both accidental and malicious actions by insiders are a rapidly 
growing threat in NYC, with organizations finding insider attacks 37% difficult to 
detect in 2024 than in previous years. Employee mistakes can cost the business 
millions and are hard to prevent with technology.
Security awareness programs, covering topics like phishing detection, strong password 
habits, device updates, and breach reporting, can help employees become the first 
line of defense. The New York SHIELD Act goes further, while mandating regular 
risk assessments and staff training under threat of penalties for non-compliance.
Conclusion –
New York SMBs, investing in security awareness resources is an urgent necessity. With 
cybercriminals intensifying their focus on smaller firms, a simple mistake can mean 
operational disruption, regulatory action, or the end of the business. Effective employee 
training can offer the best return on cybersecurity spend in today’s threat landscape. For more 
information about security awareness resources, please contact CompCiti Business  
Solutions at 212-594-4374.
Business Name CompCiti Business Solutions, Inc.
Address 1
261 West 35th Street 
Address 2
Suite 704
City New York 
State NY 
Zip  10001
Phone 212-594-4374
Country USA
Website URL  https://compciti.com/ 
Fax  212-594-6714
Email [email protected]