SMBs
We've curated 34 cybersecurity statistics about SMBs to help you understand how small and medium-sized businesses are tackling evolving threats and implementing new technologies to protect their valuable data in 2025.
Related Topics
Showing 1-20 of 34 results
In one-third (33%) of cases, the SMB business owner personally handles alerts and incident resolution.
16% of SMBs allocate less than $50 per user on security annually.
27% of SMBs said they were targeted in the past 12 months.
3% of SMB owners faced severe, lasting damage following a cyber attack.
45% of SMBs cite employee negligence as their biggest cybersecurity concern, particularly acute in the education sector.
64% of SMB owners reportedly recovered quickly from a cyber attack.
58% of SMBs use network firewalls.
52% of SMBs employ email/spam filters.
17% of SMBs significantly increased their cybersecurity spend.
80% of SMBs with a formal incident response plan in place were able to avoid major damage during an attack.
43% of SMBs report they experienced a cyberattack in the past 5 years.
41% of SMBs have endpoint protection.
Half of SMBs reported increasing their cybersecurity budgets.
31% of SMB owners don't know exactly how much they spend on cybersecurity.
Only 34% of SMB owners have a formal incident response or continuity plan developed with a cybersecurity professional.
13% of SMBs rely on untrained employees to handle alerts.
The leading motivations for working with a managed service provider (MSP) for SMBs are a fear of cyberattacks (52%) and a sense of responsibility to customers and stakeholders (40%).
26% of SMBs do not conduct regular penetration tests or security assessments.
42% of SMBs are worried about outdated technologies, with healthcare businesses the most concerned.
27% of SMBs lack cyber insurance.