SMBs know the risks, but struggle to keep up
High awareness but limited resources and outdated tools leave SMBs exposed to fast-moving, AI-powered threats.
Key insights
Awareness doesn’t equal protection
94% of SMBs say they’re aware of cyber threats, but most fall short on training, tooling, and consistent execution of their security strategies.1
Size defines cyber readiness
Just 47% of micro-businesses have a security plan, compared to nearly 90% of larger SMBs, revealing a clear maturity divide by company size.1
Ransomware hits the smallest hardest
Among SMBs that experienced a cyber incident, 29% of those with fewer than 25 employees were hit by ransomware — the highest of any group.1
Budget continues to be a barrier
Two-thirds of SMBs say cost prevents them from upgrading security tools, and only 7% believe their current budget is fully sufficient.1
Partners play a critical role
70% of SMBs rely on outside experts to guide security decisions, highlighting the opportunity for partners to deliver trusted solutions, support, and education.1
Related Resources
1Based on a survey CrowdStrike commissioned from February-March 2025 of 291 small business professionals located in the US from organizations with 1 - 249 employees.
