Adapt or perish: SMBs and AI-driven cybersecurity challenges

N-able, a global cybersecurity company, has released a new research study titled Cybersecurity in the Age of AI: Moving from Fragile to Resilient. Authored by The Futurum Group, the report examines how AI is affecting the cyber threat landscape, particularly for small to midsized businesses (SMBs).

SMBs are operating in an environment where threats are increasing in scale and complexity, driven in part by AI-enabled automation and more interconnected IT ecosystems. Research cited by Futurum indicates that 62% of mid-market organisations report an increase in AI-driven phishing and deepfake scams. As AI becomes widely used for both legitimate and malicious purposes, traditional reactive cybersecurity approaches may struggle to keep pace with adversaries that are leveraging AI techniques. The report suggests that strategies incorporating AI into security practices are increasingly relevant.

The report identifies two key trends:

Accelerated Adversary Tactics:

Threat actors are using AI-enhanced reconnaissance, scalable social engineering methods, and potentially automated attack chains. SMBs, which often operate with limited resources and smaller security teams, may face challenges as AI reduces barriers to executing more sophisticated attacks.

Increased Internal Complexity and “Shadow AI”:

The adoption of AI tools for productivity has increased the complexity of IT environments. New APIs, external services, and unmanaged AI tools expand the attack surface and introduce visibility gaps that can make traditional monitoring more difficult.

To support SMBs in building resilience, the report outlines a three-pillar model:

• Minimise Exposure (Before): Strengthening endpoint security, managing configuration changes, and reducing the attack surface through automation and AI-supported insights.
• Reduce Impact (During): Using real-time behavioural detection, contextual intelligence, and containment measures to limit the effect of active threats.
• Maintain Continuity (After): Enabling recovery through verified data integrity checks and AI-supported processes to restore operations.

The framework is intended to help organisations manage AI-driven threats more effectively. Leadership from N-able emphasises that resilience requires proactive planning rather than a passive approach. A structured cybersecurity foundation is presented as important for identifying vulnerabilities, responding to threats, and supporting recovery.

The report also highlights the role of AI in improving security efficiency and addressing skills gaps, while noting that effective implementation depends on adopting appropriate strategies to manage risk.