Skip to main content
Marsh logo

Report

Why the cybersecurity gap between SMEs and large organisations matters

Download report

18/02/2025 · 2 minute read

Uncover the cyber resilience gap facing SMEs compared to large organisations as we explore the urgent need for robust cybersecurity measures in the wake of rising cyber threats.

Small and medium-sized businesses (SMEs) across the European Union are lagging behind larger organisations in cybersecurity by an average of 15%. In Why the cybersecurity gap between SMEs and large organisations matters, developed in collaboration with the Federation of European Risk Management Associations (FERMA), Marsh highlights the significant challenges SMEs face in achieving cyber resilience.

Key Insights from the Report:

  • Cyber Resilience Gap Analysis: The report analyses the cyber resilience gap among SMEs, mid-cap, and large organisations—defined by annual revenues of less than €51 million, between €51 million and €250 million, and over €250 million—using data from Marsh’s Cyber Self-Assessment tool.
  • Implementation Rates of Cybersecurity Controls: Discover that large organisations implement cybersecurity controls at significantly higher rates than SMEs, with 91% requiring multi-factor authentication for remote logins compared to just 75% of SMEs. Additionally, only 40% of SMEs test their incident response plans, in contrast to 61% of large organisations.
  • Training and Preparedness: The report reveals that cybersecurity training is mandatory for employees in 85% of finance SMEs, while only 58% of manufacturing SMEs have similar requirements.

Download the full report and empower your organisation with the knowledge needed to enhance cyber resilience.