Keeping on top of new threats is the biggest cybersecurity challenge facing small and mid-sized businesses (SMBs) today – and more than half are calling for help to manage the risks, according to new global research by Sage.

Through the study, Sage says it aims to demystify cybersecurity and turn it from a daunting challenge to an empowering tool so SMBs can focus on growing their business, developing their teams, and providing outstanding customer experience.

Across the nine countries surveyed, the research reveals:

* 48% of SMBs have experienced a cybersecurity incident in the past year, and 25% (one in four) have experienced more than one. In South Africa, the most mentioned incident was stolen laptops (28%), with fewer reported ransomware attacks (9%).

* 70% of SMBs say cyberthreats are a major concern – however, 72% feel confident about managing cybersecurity, and 76% regularly review it.

* Keeping on top of new threats is the biggest challenge for 51% of the respondents, followed by 45% ensuring employees know what’s expected of them, educating staff about cybersecurity (44%), and cost (43%).

With cyberthreats multiplying, knowing what is important, where to start, and overcoming cost barriers is critical for SMBs that want to bolster their cyber resilience.

Ben Aung, executive vice-president and chief risk officer at Sage, says: “Navigating the fast-paced world of cybersecurity can be overwhelming for SMBs who often lack dedicated IT expertise,” says Ben Aung, EVP and Chief Risk Officer at Sage. “While our research highlights their genuine concern for cybersecurity, they seek guidance to comprehend and mitigate risks beyond the misconception of merely relying on firewalls and tools.”

The research also reveals that only four in 10 SMBs discuss cybersecurity regularly, mostly when something changes or goes wrong internally or with another company. In terms of size, smaller businesses are less concerned with cybersecurity, have less knowledge about cyber controls, and generally invest less in cybersecurity.

Eighty-three percent of South African SMBs expect cybersecurity companies to do more to educate and support them, while 45% put the onus on governments to act, and 50% on trusted tech partners. More than half (69%) of South African SMBs want support with education and training. South African SMBs are concerned with cybersecurity and their investment (79%) in cyber controls is among the highest amidst the current economic and cost of living conditions.

Kevin Thompson, senior cloud operations manager at Sage Africa and Middle East, says: “It is not surprising to see that South African SMBs are concerned about cybersecurity as many may lack the required in-house expertise and we have seen a dramatic increase in local cyber events over the past few years.

“Numerous businesses have suffered from data breaches forcing them to seek solutions for potential dangers in the future. According to the report, SMBs and large corporations use comparable services and infrastructure which means the assaults they encounter are becoming more similar.”

The research findings also highlight that two-thirds of SMBs are prepared to spend more to ensure better cybersecurity with 68% saying they would use a more expensive supplier and devote more budget to a company if they had better security and displayed more information about the privacy and security of their products.

Currently, 64% of SMBs use cyber insurance and 74% plan to use it next year. At the same time, 91% expect their investment in cybersecurity to either increase or remain the same in the coming year.