SMB security gaps drive new opportunities for channel players

Padlock made up of light blue lines in front of a dark blue background with circuit board pattern
(Image credit: Getty Images)

Small and medium-sized businesses (SMBs) might not think they present much of a target to threat actors. But this would be a dangerous assumption to make. 

According to the most recent government figures, 70% of medium-sized businesses in the UK suffered a breach or serious cyber attack over the past 12 months, versus 74% of large organizations. In fact, they are often singled out for attention, as many smaller firms lack the cybersecurity resources and expertise of their larger counterparts.

But it doesn’t need to be this way. In fact, the channel can play an outsized role in providing the tools and expertise that smaller organizations need to mitigate cyber risk effectively and continuously. The right vendor partnership can streamline the journey to becoming a managed security service provider (MSSP).

An existential threat

Headline-grabbing breaches at major corporations may have the biggest impact on the public. But SMBs should be in no doubt that they are a top target for financially-motivated threat actors. A recent threat report reveals that a third (31%) of ransomware breaches in Q1 2024 involved organizations of under 100 employees. 

Blue silver arrows pointing right indicating progress or forward movement

(Image credit: Getty Images)

Preparing the channel for change in 2024

A further 43% were breaches of companies with 101 to 1000 employees, meaning the vast majority of compromises during the first quarter of the year were effectively SMBs. The pattern is not unusual.

The threat for some SMBs can be existential. One UK SMB, Kettering-based logistics firm KNP, was forced to declare bankruptcy after a ransomware breach last year, leading to the loss of over 700 jobs. Alarmingly nearly two-fifths (38%) of mid-sized UK companies still don’t have any form of cyber insurance, according to the government.

These challenges are exacerbated by the lack of in-house cybersecurity skills in many SMBs. Getting the right hires can be difficult when larger firms command higher salaries, and the country in general is still tens of thousands of security professionals short of the number it needs. It’s compounded further by often poor in-house know-how on the part of regular employees. Just 30% of small and 52% of medium businesses have run training or awareness raising sessions on cybersecurity in the past 12 months.

Managing risk across the entire attack surface

The security challenges don’t end there. Reports at the start of 2024 suggested 69% of UK SMBs expect IT budgets to increase for the year. With much of this money going into new digital projects, SMBs are unwittingly expanding the size of their attack surface

That effectively gives threat actors more opportunities to find security holes to exploit - whether in cloud infrastructure and applications, endpoint devices or humans. Over two-fifths of global organizations believe their digital attack surface is “spiraling out of control”.

What does this mean for SMB security strategy? That it must go beyond basic endpoint coverage to span the entire attack surface - including email inboxes, networks, cloud environments, data stores, and identity

There are few security providers that can offer this kind of range, while also delivering comprehensive threat protection as well as detection and response capabilities. The latter are particularly important in a world where determined threat actors are more likely than ever to breach perimeter defenses. That makes it critical that threats are detected and contained before they can spread and cause serious damage.

How the channel can help

The good news for the channel is that SMBs increasingly understand the precarious position this puts them in, and are prepared to spend to mitigate critical cyber risk. Crucially, they increasingly don’t simply want to be sold complex security products. They often have neither the time nor the in-house skills and resources to deploy and manage them. Instead, they need a partner to deliver managed security services (MSS) that do the heavy lifting for them.

According to channel analyst CONTEXT, managed services accounted for only 0.6% of the total SME spend on cybersecurity in the UK in 2022. But last year this increased by 790% to a 5.1% share of SME spend. In the first four months of 2024, this has increased even further, to a 9.5% share.


Who SMEs partner with to deliver this kind of value will be key. The technology is critical. An integrated platform offering protection, detection and response will help them to manage risk most effectively across the customer’s entire attack surface. And one with managed detection and response (MDR) means the channel provider need not run their own Security Operations Centre (SOC) but can instead utilize the vendor’s own experts. These analysts will handle the evaluation of XDR alerts 24/7/365 and raise the alarm when action is needed.

Channel businesses have a great opportunity here, to help make UK PLC more cyber resilient and accelerate their journey as an MSSP. Those that find the right technology partner - with the experience, the tech and the support to drive profitability and growth - will find themselves in the driving seat.

James Munroe
Channel director, Trend Micro

James Munroe is channel director at Trend Micro, where he applies his more than two decades of experience in sales and channel to foster collaboration with value-added resellers, distributors, and end users.