SMEs: threatened by cyber risks

SMEs: threatened by cyber risks

Share post

Cyber ​​attacks are a challenge for SMEs. Around half of SMEs worldwide have been the target of one.

IT security challenge for small and medium-sized enterprises (SMEs). That's why more than half of them are calling for help in dealing with cyber risks. That's the finding of a new global study by Sage. The study reveals how SMEs perceive cybersecurity and outlines the key hurdles they face in this area.

With the study, Sage aims to demystify the topic of cybersecurity, transforming it from a daunting challenge into a tool that allows SMBs to focus on growing their businesses, developing their teams and delivering an excellent customer experience. This allows SMEs to focus on their own growth, developing their teams and providing the best possible customer experience.

The key findings of the study include:

  • Globally, 48 percent of SMEs experienced a cybersecurity incident last year, and 25 percent experienced more than one. The figure for Germany was even higher: 55 percent complained of a cybersecurity incident.
  • 70 percent of SMBs say cyber threats are a major problem. However, 72 percent feel confident in dealing with cybersecurity and 76 percent check it regularly. German SMEs, on the other hand, ignore this review in international comparison. Only 68 percent carry out regular inspections - the lowest figure of all the countries involved.
  • For 51 percent of SMBs, staying informed about new threats is the biggest challenge. The next challenges:
    – Ensuring employees know what is expected of them (45%)
    – Raising employee awareness of cybersecurity (44%)
    – Costs (43%).

With cyber threats on the rise, it is critical for SMBs to know what to consider, where to start, and how to keep costs in check if they want to protect their business against current cyber threats.

SMEs want more education and support

56 percent of SMEs want more education and support from cybersecurity companies, while 45 percent see government agencies and 43 percent trustworthy technology partners as responsible for this. More than half (52%) would like support with education and training.

“Navigating the fast-paced world of cybersecurity can be intimidating for SMEs as they often lack dedicated expertise. Our research shows that while they are serious about cybersecurity, they want guidance to better understand and reduce risks once they overcome the common misconception that a firewall and tools can provide sufficient protection." explains Ben Aung, EVP Chief Risk Officer at Sage. “At Sage, our mission is to simplify access to cybersecurity by building trust through knowledge, resources and a people-centric approach, enabling SMEs to strengthen their cybersecurity even with limited budgets.”

SMEs are less worried about cybersecurity

The study also shows that only 4 in 10 SMEs regularly discuss cybersecurity, usually when something changes or goes wrong internally or when working with another company. In terms of size, smaller companies are less concerned about cybersecurity, less knowledgeable about cyber controls, and generally invest less in cybersecurity. This is particularly true for German SMEs: only 54 percent were concerned about their cybersecurity - the lowest figure in an international comparison. They also had the least knowledge in this area. 60 percent could not answer what is meant by the term “ransomware”.

The study results also show that two thirds of SMEs are willing to spend more money to ensure better cybersecurity. 68 percent say they would choose a more expensive provider if it offered better security measures and provided more information about the privacy and security of its products.

Solutions that fit the size of SMEs

“In today’s digital world, cybersecurity hurdles are a constant companion for companies like ours. “We face threats to our data, phishing attempts and ransomware attacks every day – it’s a labyrinth out there,” said Lynne Pace, CFO & VP of Finance at Danson Construction. “It is a real challenge for a small company to balance security and growth. The digital world is shaping up to be a mystery that we cannot ignore. It's about protecting yourself and developing at the same time. And we have to find solutions that fit our size. In this journey, support from technology companies and government agencies is crucial. With their help, we can navigate this complicated landscape with more confidence.”

“Cybercrime is now a significant threat to small and medium-sized businesses,” comments Simon Borwick, Cyber ​​Security Partner at PwC UK. “Their digital presence can become a potential vulnerability within the supply chain. Dependence on large suppliers and government agencies requires a joint approach. At the same time, overcoming this looming challenge represents a unique opportunity to gain a significant competitive advantage, improve your company’s reputation and build trust.”

Other important results of the study at a glance:

  • 19 percent of SMEs rely exclusively on basic controls.
  • 58 percent of SMEs back up their data.
  • 80 percent of SMEs have a process in place to reduce cybersecurity risks from external employees.
  • 25 percent of companies that have such a procedure admit that not everyone follows it.
  • 52 percent would like more support in cybersecurity education and training.
  • 44 percent say economic uncertainty or increased costs of living have negatively impacted cybersecurity budgets.


The survey, commissioned by Sage, was conducted by independent market research firm Danebury Research between April 4 and April 15, 2023. The basis was 2.100 online interviews with decision-makers in SMEs with up to 499 employees.

The 2.100 interviews were spread across nine markets: UK (500), USA (500), France (100), Germany (100), Portugal (100), Spain (100), South Africa (100), Canada (500) and Australia (100). In addition to presenting global, overarching trends, the results were broken down into individual tables (per market) and regional samples.

More at


About Sage

Sage is committed to removing barriers so that everyone can be successful, especially in challenging times. This is especially true for the millions of small and medium-sized businesses served by Sage and its partners. Customers trust the company's IT systems, which ensure greater transparency and more flexible and efficient processes in the areas of accounting, business and human resources management.


Matching articles on the topic

Digital identities: five challenges for 2024

Last year, generative AI and the global IT security situation made headlines. Both have an impact on digital identities and ➡ Read more

The most dangerous malware in November: Formbook 1st place

The most common malware in November 2023 is the infostealer Formbook and the most frequently attacked industry is ISP/MSP. Command Injection ➡ Read more

AI-based cybersecurity is still in its early stages

Cybersecurity managers see the great potential that lies in AI-based security solutions, but they are still being widely implemented in companies ➡ Read more

IT specialists: 149.000 positions unfilled in Germany

According to the Bitkom survey, positions for IT specialists remain unfilled on average for over seven months. 77% of those surveyed expect that the ➡ Read more

Artificial intelligence: The most important trends in 2024

Further developments in the area of ​​artificial intelligence pose both cybersecurity risks and opportunities for companies. Especially in ➡ Read more

Predictions for the security of cyber-physical systems 2024

The major geopolitical crises of the past year, such as Russia's ongoing war against Ukraine and the Middle East conflict, have occurred ➡ Read more

CISOs in 2024

What do CISOs think will happen in 2024? One is Sergej Epp, Chief Information Security Officer (CISO) for Central Europe ➡ Read more

Cyberattacks 2024: New attack tactics

Constantly changing, new attack tactics and techniques to specifically exploit human weaknesses will challenge IT security managers in 2024. IT security experts will be with you ➡ Read more