A new report shows that while leaders of small and mid-sized businesses (SMBs) understand the need for stronger cybersecurity, many simply can’t afford to act on it, potentially leaving their businesses open to devastating attacks.
Published today by fibre internet provider Kinetic Business, the Small and Medium-sized Business Technology Report found that 59% of SMB leaders say they need to improve cybersecurity and compliance in 2025. But fewer than half (49%) plan to invest in cybersecurity tools, largely due to tight budgets and limited resources.
More than 50% of respondents admitted they are not very confident in their ability to handle a cybersecurity threat and lack the resources to upgrade their defences. With the average cost of a breach for small businesses hovering around $25,000, the gap between awareness and preparedness could prove costly.
Mike Flannery, president of Kinetic Business, said: “It’s evident small to medium-sized businesses are strapped for time and resources, giving cyber-criminals an opening to disrupt daily operations. Businesses need support and simple solutions to protect their company, bottom lines, reputations, and most importantly – their customer data.”
Though often viewed as a problem for large enterprises, cyberattacks frequently hit smaller companies. Kinetic Business cites that 43% of cyberattacks target SMBs, and one in four say a single disaster or threat could shut them down for good.
Budget constraints aren’t the only hurdle SMBs face. Respondents also pointed to economic uncertainty (42%), cost-cutting pressures (41%), recruiting challenges (30%), and outdated tech (27%) as major concerns heading into 2025.
With small and mid-sized businesses making up 43.5% of U.S. GDP, according to the U.S. Chamber of Commerce, their ability to survive threats like cyberattacks isn’t just a private issue, it’s a national one.