Retail and wholesale businesses are considerably more likely than businesses overall to say that cybercrime is a low priority. They are also less likely to have a board member or trustee responsible for cybersecurity than most other sectors.