Press release
CrowdStrike Unveils State of SMB Cybersecurity Report: High Awareness, Lagging Protection
While 93% of SMBs are knowledgeable of cyber risk and 83% have plans in place, limited investments in advanced technologies leave organizations exposed
About this update from Crowdstrike Holdings, Inc.
[{"type":"text","content":"\nWhile 93% of SMBs are knowledgeable of cyber risk and 83% have plans in place, limited investments in advanced technologies leave organizations exposed\n\n AUSTIN, Texas--(BUSINESS WIRE)--\nCrowdStrike (NASDAQ: CRWD) today released its 2025 State of SMB Cybersecurity Report, uncovering a widening gap between cybersecurity awareness and readiness among small and medium-sized businesses (SMBs). While 93% of SMBs consider themselves knowledgeable about cybersecurity risks and 83% report having a plan in place, just 36% are investing in new tools – and only 11% have adopted AI-powered defenses.\n\nBased on insights from SMB decision-makers across industries and company sizes, the research reveals that despite rising awareness, most SMBs still lack the budget, tools and in-house expertise to stop modern threats. With attacks becoming more advanced and frequent, SMBs need protection that’s easy to use, affordable to deploy and built to scale with their business.\n\nState of SMB Cybersecurity Report Highlights:\n\n\nSmallest businesses are falling the furthest behind: Among SMBs with fewer than 50 employees, only 47% report having a security plan in place, and more than half allocate less than 1% of their annual budget to cybersecurity.\n\n\nCost concerns drive decisions – but not always the right ones: 67% of SMBs prioritize affordability when selecting a cybersecurity solution, yet just 57% say they prioritize protection against advanced threats, and only 6.5% believe their current cybersecurity budget is truly sufficient.\n\n\nSMBs are overwhelmed by choice, under-supported on strategy: 50% of SMBs feel overwhelmed by the number of cybersecurity tools on the market, and nearly 70% rely on third-party guidance to inform buying decisions.\n\n\nRansomware remains a top threat – especially for the smallest teams: Among SMBs under 25 employees who experienced a cyber incident in the past year, 29% reported ransomware – compared to 19% among larger SMBs.\n\n\nAI-driven Security Adoption Presents a Growth Opportunity: With only 11% of SMBs currently using AI-powered security, most are still early in their journey – highlighting a clear opportunity for growth-minded businesses to strengthen their protection with scalable, automated security that reduces operational costs and complexity.\n\n\n“SMBs are increasingly aware of the cyber risks...