Cybercriminals cast a wide net, with almost every business owner knowing of another business in their industry that’s been affected by cybercrime. But some industries are more lucrative for criminals than others.

A new report from the cyber risk experts at NetDiligence sheds light on which industries are most at risk of a cyber attack. The top five businesses targeted by cybercriminals represent a diverse range of industries. If your business is one of them, good cybersecurity practices are especially important.

Here’s what to know and how you can protect your business from the threat.

Why Some Businesses Face Bigger Cyber Threats Than Others

While almost every business today relies on computer systems and data, some face bigger threats than others. What makes one particular business’s computer systems and data more or less attractive to cybercriminals than those of businesses in other industries can be confusing, but it helps to think about how cybercriminals look at your business.

Criminals in general target property that has two basic characteristics:

  1. It is of high value.
  2. It is easy to access.

The same is true for cybercriminals and your digital property.

Today’s cyber attackers prefer to target businesses where there is a high volume of sensitive data being created, stored or accessed with systems that rely on specialized proprietary software, which is often easier to hack.

What Data Is Valuable

When talking about data that is valuable, this usually means data that contains sensitive information. Such high value data targets typically include:

  • Names
  • Addresses
  • Phone numbers
  • Social security numbers
  • Account login details
  • Credit card info
  • Business records
  • Banking details
  • Medical records
  • Trade secrets
  • Intellectual property

What Systems Are Easy to Access

As far as computer systems that are easier to break into, this can include:

  • Legacy computer systems
  • Unsupported software systems
  • Outdated software systems
  • Systems missing security fixes
  • Improperly configured systems

Those computer systems that have a small or specialized userbase and aren’t household name brands, like Microsoft or Apple, can also make for easy targets.

If your business works with sensitive data or uses vulnerable computer systems, you are at higher risk of a cyber attack. But as the new report shows, it’s not always the industries you suspect that face the most risk.

Which Businesses Face the Most Cyber Risk in 2022

NetDiligence reports in their 2021 Cyber Claims Study Report that cybercrime is on the rise in both frequency and severity. Yet it’s not headline-grabbing hacks of big-name companies causing the most damage. The primary worry is relatively unsophisticated ransomware attacks on small businesses.

In the first half of 2021, the incidence of ransomware attacks increased 102%, while ransom demands grew to an average of $146,000 and incident cost rose to an average of $179,000. Small businesses bore the brunt of the cost of these and other attacks. Out of 5,797 claims analyzed for the report, 99% occurred at small- to medium-sized enterprises with annual revenues less than $2 billion.

In terms of claim volume for small- to medium-sized enterprises, the top industries targeted were:

1. Professional Services

Businesses in the professional services sector continue to face the most threat from cybercriminals. Lawyers, accountants, financial advisors and others in this industry have high-value data and easy-to-access systems. Out of almost 5,800 claims, almost 20% came from these businesses. By the numbers, professional services businesses had:

  • 1,088 claims
  • Total incident costs of $229 million
  • Average incident costs of $211,000
  • Claim costs ranging from $1,000 to $120.2 million

2. Healthcare

Healthcare businesses face increasing attacks from cybercriminals, after a decade spent modernizing medicine. Highly sensitive patient data is frequently targeted for ransom and theft. Nearly one out of six cyber claims now comes from a healthcare business. By the numbers:

  • 969 claims
  • Total incident costs of $71.6 million
  • Average incident costs of $74,000
  • Claim costs ranging from $1,000 to $6.6 million

3. Financial Services

Financial services businesses have been a target for criminals since the days of the Pony Express. Now, modern businesses face a serious threat from cybercriminals seeking to steal funds from bank accounts, real estate closings, court settlements and retirement funds. By the numbers, the industry experienced:

  • 440 claims
  • Total incident costs of $49.4 million
  • Average incident costs of $112,000
  • Claim costs ranging from $1,000 to $5 million

4. Manufacturing

Businesses in the manufacturing sector are an unlikely favorite of modern cybercriminals. The bank account, purchase order and intellectual property data of manufacturing businesses make attractive cyber theft targets, while computer systems are also vulnerable to ransomware attacks. By the numbers, the sector has had:

  • 433 claims
  • Total incident costs of $77.9 million
  • Average incident costs of $180,000
  • Claim costs ranging from $1,000 to $20 million

5. Retail

Retail businesses also have to worry about a significant threat of cybercrime. Here, hackers can steal customer information and product shipments and hold business websites and data for ransom. Businesses in the retail industry experienced:

  • 318 claims
  • Total incident costs of $53.2 million
  • Average incident costs of $167,000
  • Claim costs ranging from $2,000 to $7.4 million

How to Protect Your Business from Cybercriminals

The top five businesses targeted by cybercriminals face heightened risks, while the threat of a cyber attack also impacts businesses in other industries. Yet no matter what sector your business is in, there are steps you can take to protect against the threat.

Be sure to follow the latest cyber security best practices and protect your business with cyber liability insurance from CyberLock Defense.

CyberLock Defense’s industry-leading Cyber Liability Insurance coverage is available with broad coverage, flexible limits and no policy sublimits, so you always have access to your full policy limits. CyberLock Defense can help cover the cost of business interruption, data restoration, public relations, IT forensics, legal expenses and more.

Discover more benefits of cyber liability insurance for your business today. Visit or call us at (913) 652-7520.