CrowdStrike released its 2025 State of SMB Cybersecurity Report, uncovering a widening gap between cybersecurity awareness and readiness among small and medium-sized businesses (SMBs). While 93% of SMBs consider themselves knowledgeable about cybersecurity risks and 83% report having a plan in place, just 36% are investing in new tools – and only 11% have adopted AI-powered defenses.
Based on insights from SMB decision-makers across industries and company sizes, the research reveals that despite rising awareness, most SMBs still lack the budget, tools and in-house expertise to stop modern threats. With attacks becoming more advanced and frequent, SMBs need protection that’s easy to use, affordable to deploy and built to scale with their business.
Cyber Technology Insights : CrowdStrike and ExtraHop Expand Partnership to Stop Shadow AI Risks
State of SMB Cybersecurity Report Highlights:
- Smallest businesses are falling the furthest behind: Among SMBs with fewer than 50 employees, only 47% report having a security plan in place, and more than half allocate less than 1% of their annual budget to cybersecurity.
- Cost concerns drive decisions – but not always the right ones: 67% of SMBs prioritize affordability when selecting a cybersecurity solution, yet just 57% say they prioritize protection against advanced threats, and only 6.5% believe their current cybersecurity budget is truly sufficient.
- SMBs are overwhelmed by choice, under-supported on strategy: 50% of SMBs feel overwhelmed by the number of cybersecurity tools on the market, and nearly 70% rely on third-party guidance to inform buying decisions.
- Ransomware remains a top threat – especially for the smallest teams: Among SMBs under 25 employees who experienced a cyber incident in the past year, 29% reported ransomware – compared to 19% among larger SMBs.
- AI-driven Security Adoption Presents a Growth Opportunity: With only 11% of SMBs currently using AI-powered security, most are still early in their journey – highlighting a clear opportunity for growth-minded businesses to strengthen their protection with scalable, automated security that reduces operational costs and complexity.
Cyber Technology Insights : CrowdStrike Founder and CEO George Kurtz Named CEO of the Year by Evolution Equity Partners
“SMBs are increasingly aware of the cyber risks they face, but remain vulnerable to modern threats,” said Lisa Campbell, vice president of SMB at CrowdStrike.
Lisa added, “Many know they need stronger protection but are held back by limited time, resources and expertise. They need solutions that are affordable and effective, without adding complexity – so they can turn awareness into action.”
CrowdStrike Falcon Go: Purpose-Built for SMBs
CrowdStrike is revolutionizing cybersecurity for small and medium-sized businesses with CrowdStrike Falcon Go – delivering the protection they need to stop ransomware, prevent data breaches and defend against the threats traditional antivirus tools miss. With just a few clicks, SMBs can quickly deploy industry-leading, AI-powered security that’s purpose-built to be simple, effective and affordable. Falcon Go sets a new standard for SMB cybersecurity – bringing enterprise-grade protection to businesses of every size.
Cyber Technology Insights : CrowdStrike Unveils New Innovations to Secure Every Area of Cloud Risk
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
