// INDUSTRY INSIGHT //
WHY CYBERCRIMINALS LOVE SMALL BUSINESSES
A cyberattack is a costly experience for businesses, and one that many SMEs would find hard to withstand. Too many SME leaders hold the dangerous misconception that they are too small or obscure to be targeted aggressively by cybercriminals. They believe that their existing defences are sufficient. Farooq Khan, VP of Software Security at Netgear Business, explores why this is a high-risk perspective.
Many small- and medium-sized enterprises (SMEs) assume they are too small to attract cybercriminals, but the reality is the opposite. For attackers, SMEs are often easier targets – and increasingly, they are the preferred ones.
Industry data shows that SMEs are a frequent target for attackers. In the UK, 42% of small businesses experienced a cybersecurity breach or attack in the previous 12 months, according to the Government's Cyber Security Breaches Survey 2025. This is approximately 612,000 UK businesses and 61,000 UK charities. While it is a small decrease in prevalence among businesses compared to 2024, when 50% experienced a breach or attack, it still equates to hundreds of thousands of businesses impacted by the effects.
Nearly half of all reported breaches affect organisations with fewer than 1,000 employees, a different study shows. Ransomware overwhelmingly targets smaller businesses, with the majority of attacks aimed at companies with under 1,000 employees on staff, and many of them with fewer than 100. While we undoubtedly recall the ransomware attack on M&S last year, smaller retailers are equally vulnerable, due to the valuable customer and payment details held as well as inventory information. It's no surprise that between 70% and 80% of retail businesses were reported to have faced an attack in 2025.
Why do attackers focus on SMEs? It's because cybercriminals understand they can be an easy target. With restricted budgets, fewer IT resources and limited security skills, SMEs rely on generalists within the company and free or consumer-grade tools to secure their organisations. In fact, nearly half of small firms report having no dedicated cybersecurity budget at all. Cybercriminals are poised to exploit that weakness.
The Cybercrime-as-a-Service model
And while SMEs may be an easier target, the data they hold is just as valuable as that of larger enterprises. Customer payment details, personal information and intellectual property are valuable commodities in the underground market and are often resold to other criminals to use in more advanced attacks, demonstrating the sophistication of the Cybercrime-as-a-Service (CaaS) economy.
What does this mean? It is how cybercrime has evolved. It mimics other, legitimate industries in having a globalised, multi-tiered business model which promotes specialisation, efficiency and scale.
This lowers the barrier for criminals, allowing attacks against poorly protected networks, such as those of many SMEs, to proliferate.
Yet despite the sophistication of the cybercrime economy, most breaches still begin with two very simple entry points:
Intelligent SME.tech