CrowdStrike Unveils State of SMB Cybersecurity Report: High Awareness, Lagging Protection

AUSTIN, Texas--(BUSINESS WIRE)--CrowdStrike (NASDAQ: CRWD) today released its 2025 State of SMB Cybersecurity Report, uncovering a widening gap between cybersecurity awareness and readiness among small and medium-sized businesses (SMBs). While 93% of SMBs consider themselves knowledgeable about cybersecurity risks and 83% report having a plan in place, just 36% are investing in new tools – and only 11% have adopted AI-powered defenses.

Based on insights from SMB decision-makers across industries and company sizes, the research reveals that despite rising awareness, most SMBs still lack the budget, tools and in-house expertise to stop modern threats. With attacks becoming more advanced and frequent, SMBs need protection that’s easy to use, affordable to deploy and built to scale with their business.

State of SMB Cybersecurity Report Highlights:

• Smallest businesses are falling the furthest behind: Among SMBs with fewer than 50 employees, only 47% report having a security plan in place, and more than half allocate less than 1% of their annual budget to cybersecurity.
• Cost concerns drive decisions – but not always the right ones: 67% of SMBs prioritize affordability when selecting a cybersecurity solution, yet just 57% say they prioritize protection against advanced threats, and only 6.5% believe their current cybersecurity budget is truly sufficient.
• SMBs are overwhelmed by choice, under-supported on strategy: 50% of SMBs feel overwhelmed by the number of cybersecurity tools on the market, and nearly 70% rely on third-party guidance to inform buying decisions.
• Ransomware remains a top threat – especially for the smallest teams: Among SMBs under 25 employees who experienced a cyber incident in the past year, 29% reported ransomware – compared to 19% among larger SMBs.
• AI-driven Security Adoption Presents a Growth Opportunity: With only 11% of SMBs currently using AI-powered security, most are still early in their journey – highlighting a clear opportunity for growth-minded businesses to strengthen their protection with scalable, automated security that reduces operational costs and complexity.

“SMBs are increasingly aware of the cyber risks they face, but remain vulnerable to modern threats,” said Lisa Campbell, vice president of SMB at CrowdStrike. “Many know they need stronger protection but are held back by limited time, resources and expertise. They need solutions that are affordable and effective, without adding complexity – so they can turn awareness into action.”

CrowdStrike Falcon Go: Purpose-Built for SMBs

CrowdStrike is revolutionizing cybersecurity for small and medium-sized businesses with CrowdStrike Falcon® Go – delivering the protection they need to stop ransomware, prevent data breaches and defend against the threats traditional antivirus tools miss. With just a few clicks, SMBs can quickly deploy industry-leading, AI-powered security that’s purpose-built to be simple, effective and affordable. Falcon Go sets a new standard for SMB cybersecurity – bringing enterprise-grade protection to businesses of every size.

For more information on CrowdStrike’s 2025 State of SMB Cybersecurity Report and to learn about CrowdStrike’s unified platform approach, visit our website.

About CrowdStrike

CrowdStrike (NASDAQ: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

CrowdStrike: We stop breaches.

Learn more: https://www.crowdstrike.com/
Follow us: Blog | X | LinkedIn | Facebook | Instagram
Start a free trial today: https://www.crowdstrike.com/free-trial-guide/

© 2025 CrowdStrike, Inc. All rights reserved. CrowdStrike and CrowdStrike Falcon are marks owned by CrowdStrike, Inc. and are registered in the United States and other countries. CrowdStrike owns other trademarks and service marks and may use the brands of third parties to identify their products and services.