MSPs shift towards compliance as SMBs prioritize rising costs

Small and medium-sized businesses (SMBs) are increasingly prioritizing operational challenges over cybersecurity concerns, new research shows, and this trend is creating new opportunities for MSPs.

That’s according to the CyberSmart MSP Survey 2026 report, which surveyed 350 MSPs across the UK and Ireland. The study found that 46% of MSP customers are now more concerned about issues such as inflation and rising costs than security risks, despite growing threat levels.

Meanwhile, MSPs themselves identified AI-driven threats as the number one security challenge facing the channel, with almost half (49%) ranking AI as their top concern for the second year running.

Inflation and increasing costs jumped from fifth to third place (38%), likely driven by geopolitical instability and economic uncertainty.

Latest Videos From

MSPs also remain a key target for cyber criminals, the study found, with three-quarters of respondents revealing that they were hit by at least one breach over the last twelve months.

Over half (54%), meanwhile, said they had experienced two or more breaches over the same period, while 32% reported three or more incidents.

CyberSmart said the findings highlight the growing disconnect between rising cyber risk and the day-to-day operational pressures being faced by SMB customers.

“Cyber risk and economic pressure are now inseparable,” commented Jamie Akhtar, CyberSmart’s CEO and co-founder. “MSPs can no longer sell cybersecurity in isolation when rising costs dominate customer priorities. The real challenge has moved beyond the tech stack into liability, compliance and accountability.”

Notably, more than half (59%) of MSPs believe their customers are now at a greater cyber risk than they were a year ago.

Despite this, 46% of respondents said inflation and spiraling costs are now viewed as a greater threat to customers than ransomware and malware (41%), emerging AI threats (37%), and supply chain risks (25%).

Increased demand for compliance support

According to CyberSmart, the role of MSPs appears to be evolving beyond traditional IT and security services amid growing customer expectations around compliance.

The survey found that 61% of customers now expect MSPs to assist with these requirements, with providers responding by increasing investment in compliance and regulatory services.

CyberSmart added that MSP spending in this area has increased from 64% to 72% year-on-year.

With this greater demand, many MSPs are now positioning themselves as managed compliance service providers alongside their cybersecurity and infrastructure roles – particularly as frameworks such as Cyber Essentials are adapting to keep companies accountable for security commitments.

Shifting MSP investment priorities

As SMBs increasingly seek support in maintaining compliance throughout the year, MSPs said they are prioritizing investments in staff training (51%), continuous monitoring capabilities (46%), as well as proactive risk management (44%) across the next one to three years.

Amid this shift, the study also revealed that scrutiny on MSPs may be beginning to stabilize, with 70% reporting increased customer oversight in 2026 – down slightly from 77% last year.

CyberSmart said this decrease suggests security and compliance expectations are becoming a more standardized element of procurement and vendor management processes.

“For SMEs, the key is embedding security into day-to-day operations and working with trusted partners to maintain resilience without adding unnecessary complexity or cost,” Akhtar added.

FOLLOW US ON SOCIAL MEDIA

Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.

You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.