Press release

MONTREAL, June 10, 2025 (GLOBE NEWSWIRE) -- Cyber threats are accelerating, but many small and medium-sized businesses (SMBs) are stuck in neutral. Despite increasing awareness and rising investment in cybersecurity, too few are making the leap from confidence to capability. In fact, 71% of SMBs say they feel confident in handling a major cybersecurity incident – yet only 22% report having an advanced cybersecurity posture, according to Devolutions’ newly released report, “The State of IT Security for SMBs in 2025.”

Based on input from 445 IT, security and executive professionals around the world, the report reveals that this gap between perception and reality is leaving many SMBs vulnerable – particularly in three key areas: Privileged Access Management (PAM), Artificial Intelligence (AI) adoption, and cybersecurity budgeting. Devolutions, a global leader in secure software solutions, conducted the study to help organizations better understand how they can bridge the divide between IT management and security – and where many are still falling short.

PAM: Still Manual, Still Risky

Despite its critical role in minimizing insider threats and credential abuse, 52% of SMBs still rely on manual tools – like spreadsheets or shared vaults – to manage privileged access. That number has grown since 2023.

“Manual access management isn’t just inefficient – it’s dangerous,” notes Maurice Côté, VP Product at Devolutions. “The human is often the weakest link – and spreadsheets don’t make us stronger. SMBs need lightweight, easy-to- deploy PAM tools designed for their reality.”

AI: Everyone’s Talking, Few Are Doing

From automated threat detection and anomaly spotting to predictive analysis and behavior-based access control, AI promises faster, smarter and more scalable defense. However, as the survey points out, promise and practice are two very different things. 71% of SMBs plan to increase their use of AI in cybersecurity, but only 25% are using it today – and 40% haven’t started at all. Concerns around cyberattacks on AI systems, data privacy, and skill gaps are slowing momentum.

“Artificial intelligence is a powerful advancement, but like fire, it must be handled with care,” said Martin Lemay, CISO at Devolutions. “It’s not without flaws, and its reliance on vast amounts of data makes strong governance and clear regulations essential to prevent misuse.”

Budgets Are Up – But Misaligned

While 63% of SMBs increased their cybersecurity spending, nearly a third still allocate less than 5% of their IT budget to security. Many organizations are spending more – but not necessarily spending smarter, and too many organizations still underfund their security efforts relative to their risk exposure.

“Budget increases are encouraging, but throwing more money at cybersecurity doesn’t work if it’s not aligned with real risks,” said Simon Chalifoux, CIO at Devolutions. “SMBs need to spend with intention – on tools, processes and training that match their environment.”

From Awareness to Execution

The big takeaway? SMBs know what’s at stake, but many still lack the tools, strategies and investment alignment to address threats effectively. Without modern PAM, practical AI integration, and smarter budgeting, real progress will remain out of reach.

“Cybersecurity isn’t a checklist – it’s a commitment,” said David Hervieux, CEO of Devolutions. “It’s not enough to feel secure; SMBs need to build the systems, habits and culture that make them secure. That means measuring their posture honestly – and investing like it truly matters. Because it does.”

Specializing in secure software solutions for SMBs, Devolutions has supported over a million users worldwide with tools for privileged access, remote connections, and password management. The company is focused on helping small IT teams strengthen security without adding unnecessary complexity. For more information about Devolutions and their solutions, please visit devolutions.net. To download a copy of the “The State of IT Security for SMBs in 2025,” visit this link.

About Devolutions

Established in 2010, Devolutions is a Canadian-based company located near Montreal, Quebec. With more than 1,000,000 users in over 140 countries, Devolutions is on a mission to develop innovative software that helps users cost-effectively, simply and effectively achieve their remote desktop management, password management, privileged access management, and cybersecurity goals. The company is also committed to providing exceptional technical support, ensuring an excellent user experience that exceeds expectations, and delivering high performance with superior quality. For more information about Devolutions and its solutions, visit devolutions.net, follow the company on LinkedIn, X and Instagram, like on Facebook or subscribe on  YouTube.

Media Contact:

Stephanie Olsen
Lages & Associates
(949) 453-8080
stephanie@lages.com

A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/f44e71ff-dcdd-4fb9-b290-e62f7a26a56f