On par with economic and financial challenges, cyber threats are significant enough to cause small and medium-sized businesses (SMBs) to shut down.
VikingCloud’s 2025 SMB Threat Landscape Report shows cybersecurity threats sit at the 2nd position when it comes to business concerns for SMBs in the midst of inflation and reduced consumer spending.
Most SMBs consider security as an afterthought rather than a core business imperative.
It’s no surprise that 1 out of 5 SMBs could potentially run out of business should they be hit by a cyberattack.
And the signs are clear:
- 22% of SMBs don’t have cybersecurity measures or policies to cater for endpoint devices,
- 18% of SMBs don’t consider regular software updates,
- 17% of SMBs lack cybersecurity training for their teams,
- 16% of SMBs never back their data and
- 14% don’t require MFA for their staff.
Lack of Resources Remains a Problem
80% of SMBs are aware of the security vulnerabilities in their business yet they barely take action or their efforts are not enough. Most SMB owners wear many hats — manage sales, operations, marketing, human resource, and above all add security on top.
One interesting finding from the report is that 74% of SMB owners self-manage their cybersecurity or rely on untrained family members or friends.
That said, 23% of them acknowledge the fact that they do not understand the cybersecurity risks facing their business largely because they lack training – 26% acknowledge that.
Even more concerning, only 15% have hired an IT staff to take charge of security or partnered with an external Managed Security Service Provider (MSSP).
With cyber threats being sophisticated, it’s evident attackers aren’t lowering their guns anytime soon. They are constantly hunting for valid logins to breach systems, we hear about new vulnerabilities every time and what of the snake under the hood, insider threats?
The report further revealed most SMBs(24%) fall prey to malware, followed by Denial-of-Service attacks (19%) and deepfakes schemes trying to access business accounts (19%). Ransomware appeared on the chart with 14% experiencing it at least once.
A Call to Action for SMBs
VikingCloud has offered important security measures for SMB owners looking to elevate their cybersecurity posture:
- Cybersecurity Should Remain a Priority, Not an Afterthought: Most SMBs have a bad habit of handling cybersecurity on their own, often without a clear strategy or dedicated resources. The worst part is that, is considered later on — an afterthought. Cybersecurity should be carefully planned and integrated into daily operations and what lies ahead.
- Know Your Risks Before They Cost You: SMBs are encouraged to take action beyond their awareness of cyber threats. Proactive measures should be taken to assess vulnerabilities and threats before they become a headache. Also, don’t be stingy with cybersecurity – allocate a substantial budget.
- Outsource Complex Issues to Experts: Rely on Managed Security Service Providers (MSSP) for enhanced security and robust defense. It might cost you but remember not investing in cybersecurity is a far greater risk.
- Adopt Automation in Security: AI-driven security solutions can handle most of your business security operations like real-time threat detection and response and the automation of critical security processes which positions you ahead of attackers.
About Author
