Almost 60% of small businesses have been victims of a cyberattack in the past year; however, most them were not aware they were attacked. Nationwide conducted its third annual survey which included over 1,000 businesses with fewer than 300 employees for the study. 58% of participating companies were victims of a cyberattack. The types of attacks ranged from phishing scams to ransomware. Companies who are targeted tend to have fewer cyberdefense systems, lower budget for threat protection and less name recognition. The most common forms of attack were computer viruses (36%), phishing attacks (29%) and Trojan horses (13%). Many of these companies were not prepared for any type of cyberattack. Around 58% of the firms do not have a dedicated team or vendor to monitor for cyberattacks. 76% did not have a plan action for when an attack takes place, 57% did not have plan for protecting employee data and 54% did not have a plan for protecting customer/client data. Recovery was slow and expensive for these companies. Around 20% of the companies spent about $50,000 and recovery took over six months. Additionally, 7% spent over $100,000 and recovery took over a year.