Many small- and medium-sized businesses (SMBs) "are in denial about security", says a survey of 500 North American firms taken by McAfee.
The survey reveals that many SMBs feel they are too small to be targets for cybercriminals.
After sampling 500 IT decision-makers from companies with 1,000 to 2,000 employees, the report reveals that a third of small- and medium-sized businesses have been attacked more than four times by cybercriminals in the last three years.
The research showed that a quarter of those attacked took at least a week to recover.
Despite these figures, 44% think cybercrime is only an issue for larger organisations and believe it does not affect them.
While 52% believe that because they are not well-known, cybercriminals will not specifically target them.