Techaisle Blog

The digital landscape for small and medium-sized businesses (SMBs) and midmarket enterprises is a minefield fraught with evolving threats and escalating costs. Techaisle’s latest 2025 SMB and Midmarket Security Adoption Surveys paint a stark picture: while some metrics suggest a plateau in security incidents, the financial impact, and perceived vulnerability are on the rise, driven by factors like AI-powered threats and persistent staffing challenges. This blog delves into the key findings, offering a comprehensive look at the state of cybersecurity for these critical segments.

The Bottom Line: Escalating Financial Losses Amidst Perceived Vulnerability

Let's start with the hard numbers. The average loss for SMBs due to security incidents in 2024 surged to US$1.6 million, up from US$1.4 million in 2023. This increase, despite a seemingly stable incident rate (44% in 2024, consistent with 2023 but down from 56% in 2021 and 2022), highlights a crucial point: the attacks are becoming more sophisticated and costly. While the frequency might be leveling, the severity and financial ramifications are intensifying. Adding to the complexity, despite the downward trend from 2021/2022, a concerning 68% of SMBs feel under-prepared compared to their peers, a slight uptick from 65% in the previous year. This discrepancy between perceived incident rates and felt vulnerability indicates a growing awareness of the sophistication of modern threats and a lingering sense of inadequacy in defense mechanisms.

The Threat Landscape: AI, Attacks, and Denial of Service

Techaisle's research identifies the top cybersecurity risks as cyberattacks, risks related to the use of AI, and denial-of-service (DoS) attacks. The rise of AI as a security risk is particularly noteworthy. In 2025, 56% of SMBs anticipate new security risks stemming from AI, up from 48% in 2024. This burgeoning concern reflects the dual-edged sword of AI: while it offers potential security benefits, it also introduces new attack vectors and amplifies existing ones. The escalating concern about AI-powered threats is logical. Bad actors increasingly leverage generative AI to craft sophisticated phishing campaigns, automate malware development, and amplify social engineering attacks. This trend is not just theoretical; it’s a tangible threat that SMBs are grappling with.

A global research study of 6,240 SMBs and midmarket firms found that IT security is a top priority for these organizations. 85% of SMBs and 100% of midmarket firms ranked IT security as a top priority, and 61% of these firms are increasing their IT security spending by more than 8%, a higher percentage than overall IT spending. The study also revealed that 56% of SMBs and 88% of upper midmarket firms experienced at least one cyberattack in the past year. As a result, preventing cyberattacks is a priority for 64% of firms.

According to the Techaisle survey, cybersecurity breaches can be costly for SMBs (1-999 employees), with an average loss of US$1.2 million in data, productivity, compliance and regulatory expenses, and staffing costs. Upper-midmarket firms (1000-4999 employees) suffer even more significant losses, with an average cost of US$28.6 million per breach.

According to a survey of 2035 businesses conducted by Techaisle, cybersecurity breaches cost SMBs (1-999 employees) an average of US$1.2 million in data, productivity, compliance and regulatory expenses, and staffing costs. In contrast, upper-midmarket firms (1000-4999 employees) suffered an average loss of US$28.6 million. The research also revealed that 56% of SMBs and 88% of upper midmarket firms experienced at least one cyberattack in the past year.

SMBs and midmarket firms recognize that a security breach can have significant business implications. When asked about the potential impact of a breach, 54% of firms stated that it would damage their customers’ privacy, 49% believed it would erode customer trust in their business, and 44% saw it as damaging to their company’s reputation. Nearly one-quarter reported that a breach would have a substantial negative impact on their bottom line. Security is not just an issue but also a critical factor in defending against threats to trust, compliance, and financial viability.

Security is a critical concern for SMBs and midmarket firms. While technology is essential for productivity, growth, and profitability, it also exposes businesses to potentially devastating security breaches. Many SMB firms practice “security through obscurity,” hoping that attacks will target larger organizations while they keep a low profile. However, with enough hackers, scammers, and cybercriminals to go around, every conscientious SMB executive must address security threats and take action to safeguard their business against other threats, such as loss of customer trust, compliance with laws and regulations, and loss of financial solvency.

Techaisle survey indicates that SMBs have IT security on their agendas, with 85% of SMBs and 100% of upper midmarket firms considering it a critical concern. A closer look at the findings shows that other important issues for SMBs, such as cloud and hybrid work, cannot be implemented without an effective security approach.

Small and midsized businesses find it challenging to defend their users, applications, and data against external threats. Data from Techaisle’s SMB and Midmarket security research reveals 63% of US SMBs report that they experienced one or more cyberattacks in the last year, contributing to an average of 3.6% of revenue loss attributable to security incidents. For 46% of SMBs, preventing cyber-attacks is one the most pressing and critical IT issues. Yet, 59% of SMBs are very confident that their firms could recover from a cybersecurity incident. Nevertheless, security issues cast a long shadow over SMB IT priorities, especially as firms embrace the benefits of hybrid work, hybrid IT, only to find that their environments become more complex and more challenging to manage and protect. SMBs respond by expanding security budgets – but they lack the staff and expertise to construct effective shields around their organizations. The channel, working with leading-edge products like those from Fortinet, Cisco, Dell Technologies, Palo Alto Networks, has an essential role to play in defending their clients’ SMB businesses against security threats.

The origins of the saying “it’s about the journey, not the destination” may be unclear. Ralph Waldo Emerson, theologian Lynn H. Hough, Canadian rapper Drake, or others may have said the phrase, but its applicability in an IT security context is clear. There is no endpoint at which security is ‘done’; security requires constant updating to stay current with expanding threat vectors.

This requirement for continuously improved IT security is both a challenge and an opportunity for security suppliers.

What is the opportunity?

Techaisle has pegged global SMB security spending in 2023 at $68 billion. However, high IT security spending levels and growth rates mask an underlying sense of confusion concerning safeguarding emerging cloud and hybrid IT environments – and a lack of resources to address this problem. Compounding – or perhaps, causing – the lack of clarity into cloud security issues and the relatively tepid adoption rates for cloud security solutions is that SMB IT operations are under-resourced. Without specialized staff, SMBs cannot keep pace with the constantly changing threat vectors and security options.

The lack of insight by small businesses becomes clear: only 5% have IT security staff. 44% of midmarket firms have an average of three full-time internal security staff, but the demands of a business of this size would exceed a single individual’s bandwidth. The percentages more than double for upper-midmarket firms. Simply put, SMBs lack the bench depth needed to dedicate IT resources to security. Everywhere within the SMB segment, there is a mismatch between available resources and the depth of the skills required to keep pace with security needs.

The lack of understanding of a threat associated with a widely-used platform on the one hand, and the lack of IT staff resources available to address security concerns on the other, produces a clear conclusion: SMBs need suppliers to step up to the delivery of secure IT environments.

In many cases, these suppliers will be the mainstream channel partners who supply the SMB’s technology and act as the IT management presence within the SMB’s business. In other cases, including in many midmarket environments, the source of security products and services will be specialized managed security providers who focus tightly on operating SOCs and protecting client environments. In some scenarios, firms will ‘land’ by entering a client account from one of these positions and then ‘expand’ to serve a broader range of IT supply needs – crowding out competitors who can’t address the risk and compliance issues that are central to the CEO’s mandate.

What is the security supplier call to action?

As security suppliers move towards managing SMB security needs, they need to address the pace at which their clients absorb new offerings. Small businesses will not embrace eight new technologies, nor are midmarket firms going to integrate fourteen new solutions into their environments. Even if this were possible from a budget perspective, it would cause chaos in the business.

Instead, suppliers of security services need to co-create a security roadmap with their SMB, which starts with assessing the customers’ executive teams’ tolerance for risk. What absolutely must be secured, and in what order? The security supplier can then identify the solutions that best fit the customer’s immediate and longer-term needs and then deploy, integrate and manage the solutions over time. After all, data shows that 45% of SMBs feel it will be beneficial for them if an external services firm can help define and implementing security policies.

One key point of exposure in this process is the ability to ensure that different solutions work together. In the cloud world, and increasingly in the on-premise world as well, channel partners and MSPs focus on integrations: the breadth of a single vendor’s product line, plus – and importantly – the extent to which third parties develop and support links to a firm’s products.

There will be no slowdown in the digital transformation of SMBs; their business infrastructure will increasingly rely on technology. Likewise, there will be no slowdown in the threats to that infrastructure; as reliance on technology increases, so does the potential bounty for attackers. And as a result, there will be a continuous and growing need for IT security services – which will sustain firms adept at delivering and managing security solutions that combine expertise and industry-leading technology.