Cyber-attacks are on the rise, that’s no surprise. Cyber-attacks directed at small businesses, however, are also increasing, according to new data, reported FoxBusiness.

In fact, according to Symantec’ 2014 Internet Security Threat Report, one in five small-to-medium-sized (SMB) companies were the victims of cyber breaches in 2013. Plus, per a NetDiligence survey, the most common cause of a hack is due to a lost or stolen device, not an actual hacker.

Miller Newton, CEO of PKWARE – a data and smart encryption company, predicted four major hacks would take place between this year and last, and two have: corporate espionage (Sony) and a health-care breach (Anthem). Miller also predicts massive breaches in a pro-sports franchise and an infrastructure hack.

“Unfortunately, we know that history repeats itself,” Miller told FOXBusiness.com. “It takes a significant security breach for businesses and government to get serious about securing critical systems and information.”

His remedy?

“Unilaterally, security focus needs to shift from networks and devices to protecting information by armoring the data itself … as businesses and individuals, strengthening security will require vigilance, expense and even some inconvenience,” said Miller.

According to Ponemon Institute’s 2014 Cost of Data Breach Study, hack attacks in the United States cost on average $200 per record compromised. That same study says each breach typically involves some 29,000 records – roughly $5.8 million to cover that cost alone.

Tim Francis, enterprise and cyber lead at Travelers, said “there’s an under-appreciation of how vulnerable an SMB might be to a cyber-event.” His advice to SMBs is to be vigilant in the “pre-breach environment,” covering all bases when safeguarding against hackers.

“For a small business, they may not spend billions dealing with a breach, but there’s a higher risk they’ll be crippled so severely they’ll have to close their doors [after a breach],” Francis said.