US SMBs Urge for Cybersecurity Education as Cyber Threats Hit an All-Time High

New study reveals 43% gap in cybersecurity education among small and mid-sized businesses, urging collaboration and investment from industry players


ATLANTA, Oct. 12, 2023 (GLOBE NEWSWIRE) -- Understanding the evolving threat landscape is the biggest cybersecurity challenge facing small and mid-sized businesses (SMBs), including non-for-profit organizations – and more than half are calling for help to manage the risks, according to new global research released today by Sage.

The leader in accounting, financial, HR and payroll technology for SMBs conducted global research across eight countries, including the United States, to investigate perceptions of cybersecurity among SMBs and the key hurdles they are facing in protecting their business from cyber threats. Through the study, Sage aims to demystify the nuanced challenges of cybersecurity so that SMBs can take a more proactive stance to protect and grow their business, develop their teams, and provide outstanding customer experience.

The research reveals:

  • Globally, 48% of SMBs have experienced a cybersecurity incident in the past year, while 26% of US SMBs have experienced more than one type of cyber breach
  • 75% of US SMBs say cyber threats are a major concern and 59% expect to increase their investment in cybersecurity in the coming year
  • Top cyber breaches impacting US SMBs include Distributed Denial-of-Service (DDoS) attacks (21%), data loss (20%), ransomware attacks (16%) and credential theft (15%)

With cyber threats reaching an all-time high since 2018, knowing what is important, where to start and overcoming cost barriers is critical for SMBs that want to bolster their cyber resilience.

SMBs in the US recognize this, and 60% are turning to cybersecurity companies and trusted tech partners (49%) to educate and support them. More than half (51%) also believe industry bodies should help improve cybersecurity preparedness by supporting with education and training.

Ben Aung, EVP Chief Risk Officer, Sage, said, “Navigating the fast-paced world of cybersecurity can be overwhelming for SMBs, who often lack dedicated IT expertise. While our research highlights their genuine concern for cybersecurity, they seek guidance to comprehend and mitigate risks beyond the misconception of it merely relying on firewalls and tools. At Sage, our commitment is to make cybersecurity accessible, fostering confidence through knowledge, resources, and a human-centric approach, empowering SMBs to strengthen their cybersecurity culture even with limited budgets.”

Aaron Harris, CTO, Sage, said, “Cybercrime and threat actors do not discriminate – they have the potential to greatly impact the largest enterprise or the smallest mom-and-pop shop. In today’s interconnected world, every business, regardless of its scale, relies heavily on a digital presence which can be the ‘open door’ for cyber criminals to steal data that not only impacts you and your business but your customers as well. SMBs that shore up their cyber defences can demonstrate resilience, earn and retain customer trust, and set themselves apart as trustworthy partners in an increasingly competitive landscape. Their actions to protect themselves and their customers today will inspire a new culture of cyber defensiveness among SMBs for years to come.”

Lynne Pace, CFO & VP of Finance, Danson Construction, said, “In today’s digital realm, cybersecurity hurdles are a constant reality for businesses like ours. We face daily data threats, phishing attempts, ransomware attacks – it’s a maze out there. As a small business, juggling protection and growth is a real challenge. The cyber world is a puzzle we can’t ignore. Safeguarding while advancing is the name of the game and finding solutions that fit our size is a must. In this journey, a helping hand from tech companies and government support is crucial. With their help, we can navigate this intricate landscape with more confidence.”

Shawnee Delaney, founder & CEO, Vaillance Group, said, “Small businesses are increasingly becoming prime targets for cyber-attacks; however, they are struggling to keep up with the new techniques employed by threat actors given their lack of resources and funding. These circumstances reinforce the paramount importance of partners and experts in educating and empowering individuals within organizations to recognize and mitigate threats to confidently defend themselves. Sage’s research highlights this pressing need, and our approach at the Vaillance Group aligns with this imperative. With the right support, SMBs can navigate the complex cyber landscape with confidence and resilience.”

The research findings also underscore a trend in the cybersecurity business landscape, revealing that most US SMBs (73%) say they would use a more expensive supplier if they had better security and displayed more information about the privacy and security of their products. This reflects the growing demand amongst SMBs for reliable cybersecurity solutions and the importance they put behind safeguarding their data, presenting a significant opportunity for cybersecurity businesses to tap into the SMB market.

Notes to Editors  
Sage’s study – Cybersecurity for SMBs: Navigating Complexity and Building Resilience can be accessed here: https://www.sage.com/en-gb/company/digital-newsroom/2023/10/12/cyber-security-for-navigating-complexity-and-building-resilience

Key findings
48% of SMBs have experienced a cybersecurity incident in the past year 
91% expect cybersecurity investments to increase or remain the same in the coming year  
69% of SMBs say cybersecurity is part of their culture, but most only discuss when something changes or goes wrong internally
51% say keeping on top of new threats is their biggest challenge 
19% of SMBs rely solely on basic controls
58% of SMBs backup their data
80% of SMBs have a process in place to manage cybersecurity risks of remote workers
25% of those with a process in place acknowledge not all adhere to it
52% want more support with cybersecurity education and training
44% say economic uncertainty/cost of living has reduced cybersecurity budgets
64% of SMBs of SMBs use cyber insurance – 74% plan to use it next year

Cybersecurity challenges
45% - Ensuring employees understand what is expected of them 
44% - Educating employees about cybersecurity 
43% - Understanding what security is needed 

For guidance on how to navigate cybersecurity for your business, visit the Sage Trust and Security Hub

About Sage 
Sage exists to knock down barriers so everyone can thrive, starting with the millions of Small and Mid-Sized Businesses served by us, our partners and accountants. Customers trust our finance, HR and payroll software to make work and money flow. By digitizing business processes and relationships with customers, suppliers, employees, banks and governments, our digital network connects SMBs, removing friction and delivering insights. Knocking down barriers also means we use our time, technology and experience to tackle digital inequality, economic inequality and the climate crisis.

Media Contacts

Mara Maddox
US Public Relations Manager
mara.maddox@sage.com

AxiCom
SAGEUSTEAM@axicom.com

Methodology

Sage’s research was conducted by independent market research company, Danebury Research, between 4th April and 15th April, 2023, via 2,100 online interviews with decision makers in SMBs with up to 499 employees.  

The 2,100 interviews were split across nine markets. These were: UK (500), U.S. (500), France (100), Germany (100), Portugal (100), Spain (100), South Africa (100), Canada (500) and Australia (100). In addition to presenting global, overarching trends, the results were broken down into individual market tables and regional samples.