According to GlobalData, total cybersecurity revenues for Western, Central and Eastern Europe for the Small Medium Business (SMB) segment (0-249 employees) will reach $20.32bn in 2027, with a CAGR of 13.3%, whereas the Large Business segment (over 250 employees) will generate $38.37bn, with a CAGR of 11.24%.

At a high level, these revenue forecast projections are indicative of SMBs being an important segment for cybersecurity. Consequently, cybersecurity providers, including large tier one and two, and local smaller players, are all attempting to pursue opportunities in the SMB segment.

However; the downside is that parts of the SMB and corporate segment have been suffering as a result of global economic challenges, resulting in tighter spending on enterprise ICT and IT. But there is some hope with incremental falling inflation in countries like the UK, helping to boost business confidence in 2024.

Changing SMB cybersecurity needs

Managed Security Services is a much needed offering to the SMB segment, where demand is driven by limited IT staff and resources. Varying by company size, MSSP services are mostly offered under a fully outsourced model, providing advanced threat detection, rapid incident response, 24/7 monitoring, and proactive security measures without the need for extensive internal resources.

Specifically, the most common cybersecurity solutions in place currently entail firewall or email antivirus solutions, simple cloud security layers, compliance security policies, and security awareness training and education.

Additionally, the lower down you go in company size (50 employees or fewer), key off-the-shelf commercial software (through resellers) from vendors like Microsoft, Avast, Norton and Kaspersky are prevalent, often delivered (with service support under a basic outsourced model) by resellers, local small security providers or systems integrator.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The bigger the company (200+ employees), more established national players and tier one providers (through reseller distribution channels) come into play, but delivering a bundle of solutions, encompassing software and outsourced cybersecurity services.

However; GlobalData’s interactions with the SMB segment highlight that there is still consensus amongst the SMB segment in their cybersecurity needs not being met. And partly this is influenced by the fact that cybersecurity from a business value perspective is difficult to measure – after all it doesn’t really address a manual business process function within a company.

This mindset together with the sheer volume of attacks in industry that are well documented now really concerns business owners and IT heads in the SMB segment.

Current MSSP mindset and required changes

Leading tier one MSSPs are at crossroads. On the one hand they have the capabilities to assist SMBs, but on the other are unable to compete with the local smaller providers that are offering cybersecurity services.

Leading tier one MSSPs, if they are addressing the SMB segment, attempt to re-package/tailor their existing current proposition that they are delivering to the Corporate segment. This results in a solution that is not only over-scaled for the SMB market but is also not aligned to SMB needs.

There are specific requirements that leading MSSPs should take into consideration when defining their cybersecurity roadmap for the SMB segment.

On the top of the list are security services that are highly automated, addressing provider internal OpEx, enabling them to differentiate on price and by making their MSS offerings digitally integrated.

Secondly, delivering solutions, business analytics and benchmarks, self-service functionality, education, and service support, through a centralised highly automated customer portal.

Lastly, flexibility in bundling solutions that enables SMBs that often procure technologies together across variety of solution areas.

However; realignment efforts for leading MSSPs to meet SMB needs will require a change in mindset, effort and investment. This will require redefining their MSSP proposition, utilising a high touch, asset light, automated approach. And with the level of competition that already exist and current performance challenges in their wider telco portion of the business, the hunger for leading MSSPs at this moment in time might not be there, even though the prize is potentially high.