Small and medium-sized businesses do not. They face the same threats in many cases exactly the same threats, deployed by the same AI-enabled tools against the same categories of vulnerability without the resources, expertise, or budget to mount equivalent defences. The result is not just a commercial problem for individual businesses. It is a structural gap in the UK’s national cyber resilience that leaves a significant portion of the country’s economic infrastructure genuinely exposed.

BT Business just moved to close that gap in the most direct way available to a company of its scale: by bringing the AI-powered cyber security capabilities that large enterprises have access to within reach of the UK’s small and medium-sized businesses at a price point and accessibility level that reflects the reality of how SMEs actually operate rather than the resources they wish they had.

The launch includes AI-powered endpoint security tools powered by CrowdStrike, a comprehensive free support infrastructure, and a nationwide campaign designed to reach the 1.8 million UK businesses that currently lack even basic cyber protection. It is the most significant SME-focused cyber security initiative BT has launched and the timing reflects a threat environment that makes the gap it is addressing genuinely urgent.

The Numbers That Define the Problem

Before examining what BT has built, the scale of the problem it is addressing deserves to be stated plainly because the statistics in this announcement are alarming enough that they tend to get absorbed as background noise when they should be stopping points.

4,000 probes per connected device per day. BT’s research reveals a 300% year-on-year increase in malicious scanning activity, with connected devices now being probed an average of 4,000 times daily. That figure is not the number of successful attacks. It is the number of attempts automated, AI-accelerated reconnaissance activity that tests for vulnerabilities continuously, around the clock, without the cost constraints that limited the scale of human-directed attacks in earlier eras.

4 million cyber attacks prevented across BT’s networks every day. This is the number of attacks that BT’s own infrastructure is stopping on behalf of the businesses and consumers on its networks. It reflects both the scale of the threat and the degree to which network-level protection provides a first layer of defence that individual business-level security then needs to build upon.

1.8 million UK SMEs with no basic cyber protection. This is the most consequential number in the announcement. One in three of the UK’s SME population approximately 1.8 million businesses currently operates without even the foundational security controls that would provide meaningful protection against the most common attack types. These are not organisations that have made a sophisticated risk calculation and decided that their exposure is acceptable. They are organisations that have not been able to access affordable, deployable security capability at all.

£3,550 average cost of a cyber breach for UK businesses. This figure, from government data, represents the average direct cost of a single breach. For a large enterprise, £3,550 is a rounding error. For a small business operating on tight margins, it can be the difference between surviving and not particularly when indirect costs, customer loss, and reputational damage are added to the direct financial impact.

43% of UK businesses experienced at least one breach or attack in the past year. Nearly half of all UK businesses have been successfully attacked in the most recent twelve-month period. That is not a statistic about a threat that might materialise. It is a statistic about a threat that is already materialising at scale.

Why AI Has Changed the SME Threat Calculus Fundamentally

The threat environment that UK SMEs face in 2025 is categorically different from the one that shaped most SME owners’ understanding of cybersecurity and the difference is almost entirely a function of what AI has done to the economics and scalability of cyber attacks.

The traditional model of cybercrime involved meaningful human effort at most stages of the attack chain. Identifying vulnerable targets required manual reconnaissance. Developing exploit code required technical expertise. Crafting convincing phishing communications required time and language capability. Conducting attacks at scale required either large criminal organisations or the patience to work through targets sequentially.

AI has automated or dramatically accelerated every one of these previously labour-intensive activities. Vulnerability scanning that used to require human direction now runs autonomously at the scale of thousands of probes per device per day. Phishing emails that used to be identifiable by poor grammar and generic content are now indistinguishable from legitimate communications because AI language tools produce contextually appropriate, personally targeted content at industrial scale. Malware that used to require specialised development expertise is now generated and varied by AI tools that can produce novel variants faster than signature-based detection can keep pace with.

The consequence for SMEs specifically is that the complexity and sophistication threshold for attacks targeting them has dropped to the level where attacks that previously required nation-state or organised criminal resources are now accessible to a much broader population of malicious actors. Jon James, BT Business’s CEO, characterised the situation directly: UK SMEs now must defend themselves against the same highly complex threats faced by large enterprises, without the resources, expertise, or budget to match.

That asymmetry sophisticated, AI-enabled attacks against resource-constrained defenders is the defining structural challenge of SME cybersecurity in 2025. The solution has to address both sides: reducing the cost and complexity of deploying effective defences while maintaining the security capability level that the current threat environment requires.

What BT Has Actually Built – The AI-Powered Security Layer

The centrepiece of the BT Business launch is AI-powered cyber security for SMEs, underpinned by CrowdStrike’s technology and the significance of that partnership is worth examining specifically.

CrowdStrike’s Falcon platform represents the security capability that large enterprise security teams deploy to protect their endpoint infrastructure. The AI-native detection and response capability it provides continuous monitoring of endpoint behaviour, real-time identification of suspicious activity, automated remediation that stops threats before they cause damage has historically been accessible to organisations with enterprise security budgets and technical teams capable of deploying and managing sophisticated security platforms.

BT’s integration of CrowdStrike capability into an SME-accessible product changes that accessibility equation. The technical sophistication of the underlying platform does not change. What changes is the deployment model, the management interface, and the support infrastructure that makes enterprise-grade security deployable by a business owner who does not have a dedicated IT security team and cannot afford to develop the in-house expertise that operating a sophisticated security platform conventionally requires.

The real-time monitoring and automated remediation capability that the integration delivers means that attacks can be identified and stopped before they achieve their objectives without requiring a human security analyst to be available at the moment of attack, and without requiring the business owner to understand the technical details of what the platform is doing to protect them. The automation is the critical enabler: it provides the continuous, expert-level response that SMEs need but cannot staff for.

The CrowdStrike partnership provides BT with a capability foundation that has been validated in the most demanding enterprise security environments globally. That validation matters for the SME market specifically because it addresses one of the most common concerns that SME owners have about security products: whether what they are being sold actually works against real threats rather than just checking a compliance box.

The Free Support Infrastructure That Addresses the Awareness Gap

The AI-powered security product addresses the capability gap. The free support infrastructure that BT has built alongside it addresses the awareness and understanding gap which, for the 1.8 million SMEs without basic protection, may be as significant a barrier as cost.

BT’s own research found that over eight in ten SMEs believe personalised, in-person guidance would help them improve their security. That finding reflects something important about how SME owners relate to cybersecurity as a subject: they are not dismissive of the risk, and they are not resistant to addressing it. They are uncertain about what to do, uncertain about whether they are doing the right things, and uncertain about where to turn for advice they can trust and understand.

The four free tools BT has launched directly address that uncertainty.

The Cyber Health Check gives SME owners a starting point: a self-assessment that produces a cyber score and a prioritised action plan. The value of prioritisation is significant in an SME context where attention and budget are finite. An SME owner who knows that addressing two or three specific vulnerabilities will meaningfully reduce their risk can act on that information. An SME owner who receives an undifferentiated list of security best practices has no clear entry point for action.

The Cyber Guides service provides the human expert access that BT’s research identified as the most valued support format. Phone, online chat, and in-store access to cyber advisors means that an SME owner who has a specific question about a suspicious email, about a security warning they have received, about whether a specific tool they are using is secure can get a clear, practical answer from someone with expertise rather than navigating generic online resources that may not address their specific situation.

The AI Cyber Assistant provides the 24/7 availability that complements the human advisor service. Security questions do not arise on a business hours schedule. An SME owner who receives a suspicious message at 10pm on a Saturday needs to be able to get guidance immediately rather than waiting until Monday to call an advisor. The AI Cyber Assistant, drawing on guidance curated by BT’s security experts, provides that immediate response capability.

The Cyber Support Hub provides the reference resource layer practical explainers, how-to guides, and educational content developed in alignment with National Cyber Security Centre guidance. The NCSC alignment is a specific credibility signal that matters for the SME market, where the quality and trustworthiness of security advice varies enormously and where the NCSC brand carries genuine authority as the government’s national cybersecurity guidance body.

The National Security Dimension of SME Cyber Vulnerability

Jonathon Ellison, the NCSC’s Director for National Resilience, made an observation in the context of this launch that elevates the stakes beyond the individual business level: small businesses are certainly not immune from attacks and their potentially devastating consequences.

That statement from the NCSC’s national resilience lead is worth dwelling on because it frames SME cybersecurity as a national infrastructure question rather than simply a commercial one. The UK’s SME sector employs approximately 16 million people and accounts for around 50% of private sector revenue. It also comprises a significant portion of the supply chains that serve large enterprises and government meaning that cyber vulnerabilities in SMEs represent not just risk to those individual businesses but potential entry points into the broader national infrastructure through supplier relationships, shared systems, and third-party connectivity.

The 1.8 million unprotected SMEs are not 1.8 million isolated risk incidents. They are 1.8 million potential footholds for adversaries who understand that attacking a large, well-defended enterprise directly is harder than accessing the same enterprise through one of its less-defended suppliers or partners. Supply chain compromise which has been one of the defining attack vectors of the past several years often begins with exactly this kind of indirect access through less-protected third parties.

BT’s positioning of this launch as reinforcing its commitment to putting industrial-grade security within reach of every UK business reflects an understanding of the national dimension that purely commercial framing would miss. A company that prevents 4 million attacks on its networks every day occupies a specific position in the UK’s national cyber defence architecture and extending that protection to the SME businesses that transact over those networks addresses a gap that has national security implications as well as commercial ones.

What This Means for the UK SME Market

The BT Business SME cybersecurity launch is significant enough that it deserves examination not just as a product announcement but as a market intervention an attempt by one of the UK’s largest communications companies to reshape the SME cybersecurity landscape at scale.

The combination of AI-powered CrowdStrike-backed endpoint protection, free advisory services, a self-assessment tool, and a nationwide marketing campaign is designed to move through the multiple barriers that have kept 1.8 million SMEs unprotected simultaneously rather than addressing each barrier in sequence. Price accessibility, awareness of specific risks, understanding of what to do, and access to guidance that makes action easy each of these barriers has kept SME owners from improving their security posture, and addressing all of them together is what the scale of this launch reflects.

For the SME owner reading about this launch and recognising their own business in the 1.8 million statistic no basic protection, aware of the risk but uncertain what to do, concerned about cost, uncertain whether security products marketed to large enterprises are relevant or accessible to a business of their size the BT Business response is designed to be legible and actionable rather than technically overwhelming.

The 4,000 probes per device per day are not going to stop. The AI tools that are industrialising attack scale and sophistication are not going to disappear. The £3,550 average breach cost is not going to become less painful for the small business that absorbs it. What changes with this launch is the accessibility of the defence infrastructure that can actually address those threats bringing enterprise-grade capability within reach of the businesses that most need it and have most lacked it.

The gap between the threat and the defence that 1.8 million UK SMEs are currently living with is not acceptable for individual businesses or for national resilience. BT has decided to do something about it. The test, as with all programmes at this scale, is whether it reaches the businesses that need it most and whether those businesses act on what they find when it does.

Research and Intelligence Sources: The Fast Mode

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com