80% of SMBs with a formal incident response plan in place were able to avoid major damage during an attack – highlighting the need for support from MSPs
According to a report published today by Guardz, the cybersecurity platform empowering Managed Service Providers (MSPs) to protect small and medium-sized businesses (SMBs), almost 50% of all US-based SMBs (43%) have already experienced a cyber attack. While 80% of respondents believe the need for cybersecurity in their industries has increased over the past year and 61% anticipate greater overall cyber risks in the year to come, 52% of SMBs still rely on an untrained internal staff member or the business owners themselves to manage critical security functions without support from professionals such as MSPs.
“In 2025, SMBs are confronting the reality that cyber threats are no longer distant possibilities, but daily risks with the potential to disrupt or even destroy a business,” said Dor Eisner, CEO and Co-Founder of Guardz. “This research confirms that businesses increasingly recognize the value of experienced service partners. Those that try to manage risk on their own lack the expertise, resources, and tools needed to stay resilient. The data shows that organizations with strong preparation, grounded in clear processes and trusted partners, are far better positioned to avoid disruption and maintain continuity.”
Persistent Vulnerabilities
SMBs report ongoing challenges in defending against common threats, with phishing, ransomware, and employee mistakes topping the list. Nearly half (45%) of respondents cite employee negligence as their biggest cybersecurity concern, a worry that is particularly acute in the education sector. While 43% of SMBs report they experienced a cyberattack in the past 5 years, 27% said they were targeted in the past 12 months. A majority (64%) of business owners reportedly recovered quickly, while a small but significant number (3%) faced severe, lasting damage.
Other interesting and alarming findings include:
- 58% of SMBs use network firewalls, 52% employ email/spam filters, and 41% have endpoint protection.
- 26% do not conduct regular penetration tests or security assessments.
- 42% of SMBs are worried about outdated technologies, with healthcare businesses the most concerned.
Rising Awareness, Inadequate Preparation
In a year marked by a fast-moving threat landscape, half of SMBs reported increasing their cybersecurity budgets, with 17% significantly increasing their spend. The average investment per employee remains minimal: 16% of SMBs allocate less than $50 per user annually, and nearly a third (31%) of SMB owners don’t know exactly how much they spend on cybersecurity at all.
Only 34% of SMB owners have a formal incident response or continuity plan developed with a cybersecurity professional, and 27% lack cyber insurance altogether. In one-third (33%) of cases, the business owner personally handles alerts and incident resolution, which is both time-consuming and outside their expertise, leaving room for missteps and oversights. An additional 13% of SMBs rely on untrained employees to handle alerts, reinforcing the operational fragmentation identified in the report.
A Turning Point for MSP Engagement
As threats mount, SMBs are increasingly looking to external partners for help. According to the survey, the leading motivations for working with a managed service provider (MSP) are a fear of cyberattacks (52%) and a sense of responsibility to customers and stakeholders (40%). While other factors were reported, compliance requirements, reduced cyber insurance premiums, and a growing need for specialized expertise stood out as the primary drivers.
The report reveals that 80% of SMBs with a formal incident response plan in place were able to avoid major damage during an attack, highlighting that preparedness, and working with professionals, determines resilience.
