Small and medium businesses (SMBs) across the world are increasingly investing in cybersecurity as digital transformation continues to reshape the way organizations operate. With businesses relying more on cloud platforms, online services, remote work infrastructure, and connected devices, cyber threats have also become more sophisticated and frequent. This growing threat landscape is now forcing SMBs to allocate higher budgets toward strengthening their security posture.
According to a recent survey conducted by IDC, cybersecurity spending among SMBs is expected to witness significant growth over the next 12 months. The study gathered responses from nearly 2,200 SMB leaders across eight major markets, where organizations are facing a rise in advanced cyberattacks, including those powered by Generative Artificial Intelligence (Gen AI).
The survey revealed that almost 60% of SMBs are planning to increase their cybersecurity funding despite operating under tight financial conditions and global economic uncertainty. Many businesses are simultaneously dealing with slower economic growth, inflationary pressures, and the need to reduce operational costs. However, cybersecurity has emerged as a priority area that companies are unwilling to compromise on.
Industry experts believe that the increasing frequency of ransomware attacks, phishing campaigns, data breaches, and AI-enabled scams has made businesses more aware of the financial and reputational damage cyber incidents can cause. Unlike large enterprises that often have dedicated security teams and advanced defense systems, SMBs are generally considered easier targets by cybercriminals because of limited resources and smaller security infrastructures.
Another major concern highlighted in the report is the rise of Gen AI-driven cyber threats. Hackers are now leveraging artificial intelligence tools to create more convincing phishing emails, automated malware, deepfake content, and highly targeted attacks. This evolution in cybercrime tactics is pushing businesses to adopt stronger endpoint protection, identity management solutions, threat detection systems, and employee awareness training programs.
The survey also indicates that SMB leaders are beginning to view cybersecurity not just as an IT requirement, but as a core business necessity. Many organizations are prioritizing investments in cloud security, multi-factor authentication, zero-trust architecture, and managed security services to improve resilience against evolving threats.
Experts suggest that cybersecurity spending among SMBs will continue to rise in the coming years as digital adoption accelerates further. Businesses are increasingly realizing that proactive investment in security is far less expensive than dealing with the aftermath of a successful cyberattack, which can result in financial losses, legal liabilities, operational disruptions, and loss of customer trust.
Overall, the IDC survey reflects a growing awareness among SMBs that cybersecurity is no longer optional, but essential for long-term business continuity and digital growth.
Join our LinkedIn group Information Security Community!
