SMBs are facing an increase in cybersecurity attacks, yet many lack the in-house skills to properly address security issues.
As small and medium-sized businesses (SMBs) face a rapidly evolving threat landscape, the The State of SMB Cybersecurity in 2024, conducted by Vanson Bourne and commissioned by ConnectWise, the leading software company dedicated to the success of Managed Service Providers (MSPs), reveals that 94% of SMBs have experienced at least one cyberattack, a dramatic rise from 64% in 2019. This increase in cyberattacks is exacerbated by the fact that 76% of SMBs lack the in-house skills to properly address security issues, increasing demand for the expertise and services of MSPs.
The growing wave of cyber incidents is eroding SMBs’ confidence in their ability to protect their businesses with a staggering 78% concerned that a severe cyber attack could drive them out of operation. This escalating apprehension is pushing SMBs to reevaluate and strengthen their cybersecurity strategies, recognizing the urgent need for proactive measures to safeguard their data, maintain customer trust, and drive innovation in a perilous digital era.
“As SMBs confront escalating risks, when it comes to cybersecurity they are moving beyond ‘good enough’, “said Raffael Martin, SVP, Product Management at ConnectWise. “Our research shows that confidence, trust, and a sense of security are crucial in the MSP-organization partnership. It is critical for MSPs to deliver top-tier technology, foster strong personal relationships, and provide holistic support to meet these expectations and support SMBs in navigating the ever-changing cybersecurity landscape.”
The Growing Toll of Cyber Incidents
The data reveals that in addition to the substantial increase in the frequency, more than half (56%) of SMBs have already faced at least one cyber-attack this year and 89% fear they will be targeted within the next six months, organizations are feeling the impact of these incidents. Almost all (99.5%) of organizations have experienced repercussions from cyber incidents, with 38% citing the cost and effort of dealing with these issues as the most common impact. Compared to 2019, 64% more of SMBs report experiencing damage to company reputation as a result of increased frequency of attacks.
Despite these challenges, SMBs that work with MSPs report slightly lower impacts in terms of company reputation damage, monetary costs of dealing with the attack, and negative publicity compared to those that do not use an MSP. Although partnering with an MSP may not decrease the frequency of cyberattacks, it can significantly diminish the effectiveness and consequences of these attacks, providing a valuable layer of defense.
SMB-MSP Partnerships Strengthen
With 90% of SMBs acknowledging the critical importance of cybersecurity, it is now one of the top three organizational priorities for the next two years. In response, many businesses are ramping up their cybersecurity investments with 83% of organizations planning to increase their cybersecurity budgets by an average of 19% over the next 12 months. Technological advancements, including AI and GenAI, are key areas of focus, with 32% of organizations targeting these technologies to enhance operational efficiency and stay competitive.
As organizations adopt increasingly complex tech stacks in tandem with a growing threat landscape, more SMBs are coming to rely on MSPs. Up from 89% in 2022, 94% of MSPs now use an MSP, with over half of SMBs outsourcing the majority of their IT infrastructure, services, and cybersecurity needs.
According to the findings, it is evident that SMBs are committed to ensuring the security of their organizations. An impressive 83% of these organizations have expressed their intention to increase investments in cybersecurity over the next 12 months, with an average budget increase of 19%. When it comes to finding the right cybersecurity partner, 62% of organizations claimed they would consider switching providers for better solutions, with a willingness to pay an average of 47% more for the right cybersecurity services.
Conducted between March and April 2024, this research includes insights from 700 IT decision makers and business decision makers, with representation in the US, Canada, UK, and Australia and New Zealand. Respondents were from organizations with between 10 and 1,000 employees and from a range of private and public sectors.
These findings are detailed in the new report, “The State of SMB Cybersecurity in 2024,” which is available for download here.