SMBs
We've curated 78 cybersecurity statistics about SMBs to help you understand how small and medium-sized businesses are tackling evolving threats and implementing new technologies to protect their valuable data in 2025.
Showing 21-40 of 78 results
27% of SMBs experienced customer data breaches in the past 12 months.
SMBs plan to use AI in 2026 for threat detection (39%), incident response (34%), fraud detection (34%), and automated phishing detection (31%).
Cyberattacks rank as the number one business concern for small- and medium-sized businesses (SMBs).
84% of business owners still self-manage their cybersecurity programs.
54% of cyber leaders at SMBs still self-manage their cybersecurity programs.
56% of cyber leaders at SMBs report increased anxiety due to cybersecurity responsibilities.
50% of SMBs say they would lose customers after a successful breach.
58% of SMBs experienced website downtime in the past 12 months.
55% of SMBs experienced third-party or vendor outages in the past 12 months.
51% of SMBs experienced point-of-sale software downtime in the past 12 months.
32% of SMBs have security awareness training.
62% of mid-market organizations agree that AI-driven phishing and deepfake scams are on the rise.
37.9% of small to mid-size organizations agree with the statement “We have observed a significant increase in sophisticated, AI-driven social engineering attacks targeting our employees in the past 12 months.”
24.1% of small to mid-size organizations strongly agree with the statement “We have observed a significant increase in sophisticated, AI-driven social engineering attacks targeting our employees in the past 12 months.”
8.5% of small to mid-size organizations strongly disagree with the statement “We have observed a significant increase in sophisticated, AI-driven social engineering attacks targeting our employees in the past 12 months.”
44.4% of SMBs say poor coordination is the key hurdle to resolving security vulnerabilities and incidents.
41.7% of SMBs say containment is the key hurdle to resolving security vulnerabilities and incidents.
Only ~25% of Medium & Low Priority alerts are investigated by SMBs.
40% of SMBs say an attack costing $100,000 or less could put them out of business.
67% of SMBs have real-time threat monitoring or intrusion detection/prevention systems.