Cybersecurity is positioned as a vital priority for all companies, and SMEs are not exempt from this risk. With a growing number of more sophisticated cyber attacks and techniques, it is crucial that SMEs are proactive in their defense, prioritizing collaboration with managed service providers.
The implementation of robust solutions and the adoption of advanced technology are key to mitigating current threats. These are some of the data that are extracted from the Annual Cybean -Joint Report 2025 of Sonicwall, where an alarming increase in cyber attacks aimed at small and medium enterprises is revealed.
Cybersecurity in SMEs
The company presents data that indicate a drastic change in the nature of cyber attacks. The attacks are evolving with the use of artificial intelligence and automation, allowing criminals to exploit vulnerabilities in record time. In particular, the report highlights that 61% of exploitation cases occur in just 2 days, while organizations need between 120 and 150 days to implement critical patches. This shows the disadvantage of time that many companies face.
In addition, there has been an explosive increase of 259% in ransomware in Latin America and 8% in North America. These numbers underline the magnitude of the threat representing ransomware attacks for SMEs, which usually have less resources to mitigate this risk. Awareness and preparation are now more crucial than ever, and counting on the support of a managed service provider becomes essential to reinforce its defenses.
The expansion and complexity of attacks
The report also addresses the growing complexity of cyber attacks. Sonicwall has detected 210,258 malware variants never seen before, which represents about 637 new threats every day. At the same time, attacks on Internet devices (IoT) have increased by 124%, while encrypted threats have grown by 93%.
Cybercounts move faster than ever: Sonicwall warns SMEs about the importance of not fighting alone
An alarming element that stands out is that the new attack methods, such as the vulnerabilities of “living off the land bininies” (Lolbins), have allowed cybercriminals to execute their attacks without leaving evident traces, further complicating the panorama of cybersecurity. This silent and strategic approach makes traditional defenses inadequate for current needs.
The need for proactive measures
Given the growing cunning of cybercriminals, SMEs should consider the adoption of proactive measures in their cybersecurity approach. Companies must prioritize solutions that incorporate real -time threat intelligence and monitoring capabilities. In fact, the report indicates that 76% of ransomware attacks occur outside working hours often in times of low supervision, such as at 4 am, which in parallel increases the importance of having an always active response team.
In addition, Sonicwall emphasizes the importance of having a managed service provider that provides continuous support. Managed security services allow SMEs to focus on their operations while cybersecurity experts guarantee adequate protections.
Key report statistics
The report data provides a clear vision of the current situation, with the following key statistics:
- The attacks on business email (BEC) systems have grown dramatically, representing about 30% of all reported cyber events. In 2023, this figure was only 9%.
- Ransomware has been the main cause of gaps in the health sector, representing 95% of the incidents in the industry. This suggests that certain sectors are more vulnerable to specific attacks, which makes prevention even more critical.
- In terms of time under critical attacks, the report indicates that companies experience an average of 68 days of intense cyber attack pressure, which could lead to the loss of significant resources if there is no solid cybersecurity plan.
