BID® Daily Newsletter
Nov 13, 2025

The Cyber Ripple Effect: When SMB Breaches Hit CFIs

Summary: SMB cyberattacks are rising as CFIs face growing counterparty risk. How do customer-side breaches impact credit, liquidity, and reputation, and what can CFIs do now to prepare?

In 1988, a graduate student named Robert Tappan Morris accidentally unleashed one of the first computer worms on the early internet. Within hours, the program had disabled more than 6K computers nationwide. What started as a small, local test quickly became a national disruption, revealing a truth that still applies today: digital systems are deeply interconnected, and a single vulnerability can ripple far beyond its source.
Decades later, that same lesson applies to the relationship between community financial institutions (CFIs) and their small business customers: one weak link in the digital chain can ripple through an entire network. While CFIs have strengthened their own cybersecurity defenses over the past decade, many of their small- and medium-sized business (SMB) customers lag far behind — and when they’re compromised, so are the CFIs they work with.
In fact, according to VikingCloud’s 2025 SMB Threat Landscape Report:
  • 1 in 3 small businesses suffered a cyberattack last year.
  • 74% of SMBs manage cybersecurity on their own, without sufficient training.
  • 71% admit their defenses are not strong enough to stay protected.
  • 60% admit they’re being targeted, but underestimate the real risk.
  • 53% experienced disruptions due to cyber incidents last year.
Cyberattacks can be devastating. Ransomware can freeze receivables, data theft can compromise payroll, and social engineering can drain operating accounts within hours.
Cyber incidents among business banking clients are no longer isolated IT events. Their repercussions can directly impact a well-regarded CFI’s credit, liquidity, and reputation. Despite this, a recent study on SMB cyber maturity found that many SMB decision-makers underestimate digital risk, often viewing cybersecurity as a “tech problem” rather than a business issue.
Business Data Breaches Will Get Worse
Cybersecurity topped Bank Director’s 2025 Risk Survey as the number one concern for bank executives, surpassing credit and interest rate risk. The regulatory tone has shifted accordingly. Federal agencies are emphasizing enterprise-wide resilience, stressing that risk now extends beyond the walls of the institution.
At the same time, SMBs are digitizing faster than ever. Many use open-source accounting software, cloud-based invoicing, or embedded AI tools to manage payroll and cash flow. Those systems often lack advanced security controls, despite connecting directly to CFI payment rails and APIs.
This combination of digital acceleration and weak cyber defense creates a new form of systemic counterparty exposure that smaller lenders cannot afford to overlook. Indeed, according to Flow Specialty’s 2025 Emerging Cyber Risk Trends Report, nearly 45% of companies expect a serious supply chain or third-party cyberattack by year-end.

4 Ways CFIs Can Turn Cyber Risk into Cyber Resilience
While an SMB customer’s cybersecurity may feel slightly beyond a CFI’s control, proactive engagement can help lower the downstream risks of a data breach. Here are some considerations for forward-thinking CFIs.
1. Integrate Cyber Resilience into Credit Underwriting
Cybersecurity should no longer be treated solely as an operational matter but also as a financial risk factor. CFIs can begin incorporating a customer’s cyber resilience into credit analysis, especially for borrowers with high digital dependencies. Borrowers who lack proper cyber hygiene may not withstand attacks long enough to repay debt obligations.
Ask prospective borrowers whether they have multi-factor authentication, encrypted backups, or incident response plans. For higher-risk industries such as healthcare, legal, or online retail, consider including cyber audits as part of the credit review process.
2. Build SMB Cyber Risk Profiles and Early Warning Indicators
Segment commercial clients by industry, digital maturity, and exposure to sensitive data. Then assign “cyber risk tiers” to help relationship managers identify which businesses are most vulnerable, and combine those tiers with ongoing monitoring.
For instance, review ACH volume volatility or delayed receivable inflows to detect early warning signs of possible compromise. This approach aligns cyber intelligence with traditional credit risk monitoring.
3. Secure Shared Access Points in Payments and Treasury Systems

CFIs should continuously monitor high-risk transaction channels, including ACH origination, remote deposit capture, and digital treasury platforms. Look for unusual behavior patterns such as a sudden increase in wire frequency, late-night logins, or transactions to new international beneficiaries. Deploying AI-based anomaly detection can also help flag issues earlier, reducing exposure before losses escalate.
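The three behavior patterns named above, written as simple rules over a constructed event log for one hypothetical business client. This is an added example, not code from the newsletter or any vendor product; the field names, thresholds, home country and sample events are all assumptions.

```python
from collections import Counter
from datetime import datetime

HOME_COUNTRY = "US"        # assumption: the institution's domestic country code
NIGHT_HOURS = range(0, 5)  # assumption: 00:00-04:59 client-local time is "late night"
SPIKE_FACTOR = 3           # assumption: flag a day with >= 3x the baseline wire count

# Constructed sample events (not real data); timestamps are client-local time.
EVENTS = [
    {"ts": "2025-11-03T10:15", "type": "wire", "beneficiary": "ACME-SUPPLY", "country": "US"},
    {"ts": "2025-11-04T02:40", "type": "login"},
    {"ts": "2025-11-04T02:47", "type": "wire", "beneficiary": "NEWCO-HOLDINGS", "country": "HK"},
    {"ts": "2025-11-04T02:52", "type": "wire", "beneficiary": "NEWCO-HOLDINGS", "country": "HK"},
    {"ts": "2025-11-04T03:05", "type": "wire", "beneficiary": "ACME-SUPPLY", "country": "US"},
    {"ts": "2025-11-05T09:30", "type": "login"},
]

def review(events, baseline_wires_per_day, known_beneficiaries):
    """Return (timestamp, reason) alerts in chronological order."""
    alerts = []
    known = set(known_beneficiaries)   # copy, so the caller's set is not modified
    wires_per_day = Counter()
    spiked_days = set()                # report each spiking day only once
    for e in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(e["ts"])
        if e["type"] == "login" and ts.hour in NIGHT_HOURS:
            alerts.append((e["ts"], "late-night login"))
        elif e["type"] == "wire":
            day = ts.date()
            wires_per_day[day] += 1
            # First sighting of a beneficiary outside the home country.
            if e["beneficiary"] not in known:
                if e["country"] != HOME_COUNTRY:
                    alerts.append((e["ts"], "new international beneficiary"))
                known.add(e["beneficiary"])
            # Daily wire count reaches the spike threshold.
            over = wires_per_day[day] >= SPIKE_FACTOR * baseline_wires_per_day
            if over and day not in spiked_days:
                spiked_days.add(day)
                alerts.append((e["ts"], "wire frequency spike"))
    return alerts

if __name__ == "__main__":
    for ts, reason in review(EVENTS, 1, {"ACME-SUPPLY"}):
        print(ts, reason)
```

In practice the baseline and the known-beneficiary set would come from each client's own transaction history, so the same rules produce different thresholds per client.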
4. Educate and Empower SMB Clients as a Risk Mitigation Strategy
Cybersecurity education can double as a customer retention tool. CFIs can host short webinars or distribute toolkits in partnership with local chambers of commerce or insurance providers. Topics can include phishing awareness, ransomware prevention, and data backup best practices.
According to Flow Specialty, proactive education is the most cost-effective way to reduce SMB cyber risk exposure. A CFI that becomes an SMB cyber ally strengthens loyalty while protecting its own balance sheet.
The Bigger Picture: A New Dimension of Counterparty Risk
In today’s interconnected economy, cybersecurity is no longer confined to IT departments or compliance manuals. A single SMB breach can ripple through payments, credit portfolios, and community confidence, much like a local economic shock used to spread through physical supply chains.
Unlike large national banks with dedicated cybersecurity divisions, many CFIs must balance cyber oversight with resource constraints. Yet CFIs can move faster than large institutions to pilot new risk frameworks, integrate external data feeds, or launch community education efforts.
Community institutions that build cyber awareness into every relationship — from third-party contracts to small-business lending — will be best positioned to weather the next wave of digital disruption.
By proactively identifying SMB clients with heightened cyber exposure, CFIs can also tailor credit terms, introduce targeted insurance partnerships, and stand apart from the competition in local markets. Being able to support SMB customers and help prevent cyber incidents is a benefit not just to your CFI, but to your whole community.
For guidance on the vendor side, see Overseeing Third-Party Vendors’ Cybersecurity.