Cybercrime victimization among Virginia businesses: frequency, vulnerabilities, and consequences of cybervictimization

The Commonwealth of Virginia, USA, is one of the most vulnerable states to cyberattacks and breaches. Analyzing data from 428 online surveys collected from Virginia businesses from multiple vendors and several unique resources, this study provides an in-depth view of the nature and extent of cybercrime victimization in Virginia, highlighting specific vulnerabilities, how the victimization occurred, the consequences of victimization, and if and to whom these breaches were reported. In addition, we describe the extent to which businesses perceive their vulnerabilities, the extent in which companies engage in behaviors that can potentially make them vulnerable, the policies and practices they have in place to reduce vulnerability, and their experiences with victimization. The results provide a quality baseline for understanding cybercrimes against businesses in Virginia.