News
Cybersecurity Concerns Push SMBs To Increase Spending
More than half of small and midsize businesses rank cybersecurity and data protection among their top priorities, with many planning to increase security spending as AI adoption adds new risks, according to a new IDC survey commissioned by Sage.
The global survey of 2,210 SMBs found that 52 percent listed cybersecurity and data protection as top business priorities for the next 12 months. Six in 10 respondents also said they expect to increase cybersecurity spending over the same period, according to the findings.
"Six in ten SMBs (60 percent) also expect to increase cybersecurity spending over the same period," according to the findings.
The research also found that 33 percent of SMBs prioritize scaling AI adoption in the following year. However, hackers are now increasingly using AI to bolster their cyber arsenals, placing SMBs in vulnerable positions.
"Small and medium-sized businesses are under growing pressure from cyber threats, and AI is making that challenge more urgent," UK Cyber Security Minister Baroness Lloyd said.
The research uncovered that one in two SMBs experienced an incident or data breach in the last 12 months.
Over 80 percent of SMBs are not prepared or remain in the early stages of preparedness for AI-related threats. At the same time, nearly a quarter have yet to implement dedicated protections for AI applications.
"The research suggests many SMBs still believe they are not a prime target for cyberattacks, despite threats becoming more sophisticated and widespread," said Joel Stradling, senior research director for European Security at IDC.
The findings illustrate a trio of points restraining SMBs:
- Smaller businesses remain the most vulnerable to cyber threats, with far fewer taking a proactive approach to security compared to medium-sized organizations.
- Many SMBs have basic security tools in place, but weak training and poor incident preparedness reduce their effectiveness during real attacks.
- As companies rely more on SaaS and third-party platforms, security oversight is failing to keep pace, creating growing blind spots in digital operations.
"Businesses that close the gap between growth ambitions and security readiness will be best placed to build long-term digital trust with customers, partners and investors."