top of page

48% Of SMBs Have Rocky Road To Cybersecurity

Published: January 14, 2024 on our newsletter Security Fraud News & Alerts Newsletter.

Protecting your business from cyberattacks is a concern for every enterprise. Perhaps nowhere is that more evident than with small-to-medium sized businesses (SMBs). SMBs face a unique set of challenges to their cybersecurity that large corporations just don’t have. A global study of SMBs by Sage business software shares insights into the SMB security landscape. With cyberattacks expanding and evolving, survey highlights and helpful security tips are a must-read for all SMBs.

To better understand SMBs it helps to know what’s considered a small and a medium business. Using the number of employees as the guide, Gartner research views a small business as having less than 100 employees while a medium business has 100-900 employees.

SMB Cybersecurity Statistics

  • 48% of SMBs experienced a security incident this past year

  • 51% say keeping on top of new threats is their biggest challenge

  • 43% say the cost of cybersecurity is a challenge

  • 44% educating employees about cybersecurity

  • 16% only discuss cybersecurity when something goes wrong

For SMBs, the risk of a cyberattack is real, with almost half reporting a security incident this past year. That number represents only reported incidents and could be much higher in reality.

Providing appropriate cybersecurity for each business can be as unique as the SMBs themselves. Only 43% understand the type of security they need, with another 43% saying the cost of effective security is itself a challenge. But if you don’t know what security you need, how do you know what it’ll cost? The answer lies with cyber-educating SMB leaders and their employees.

Cyber-Education: A Culture of Cybersecurity

With 51% of SMBs saying their biggest challenge is keeping on top of new threats, a culture of security through education can help avoid new and existing cyberthreats. Regularly educating employees on threats like email phishing, social engineering attacks, and reporting anything suspicious can stop cyberattacks before they start. Implementing 2FA for everyone from top to bottom is another important discussion.

Ongoing education creates a cyber-smart culture for SMBs and can help prevent the attacks they rightly fear. Welcoming discussions and questions from employees removes the stigma from them not knowing the answers. For every SMB, education demystifies and supports the culture of cybersecurity that’s needed today and tomorrow.

Want to schedule a conversation? Please email us at


bottom of page