SAN DIEGO & TORONTO — April 16, 2026 — ESET, a global leader in cybersecurity, today released its 2026 SMB Cyber Readiness Index – North America edition. This new report surveyed hundreds of small and medium-sized businesses (SMBs) from across the United States and Canada to uncover new insights into their cyber resilience, incidents and reporting, perceived threats, and investments – while analyzing the current appetite for managed services, cyber insurance and AI-powered applications.

In this new report, 87% of U.S. and 83% of Canadian SMBs said that they feel slightly to very confident that their business is cyber resilient. Across both countries, cyber resilience confidence rose to 91% and 88%, respectively, for businesses that had more than one cyber incident in the last year (over businesses that had zero or one incident during that timeframe). Across both regions, about half of respondents (47% in the U.S. and 52% in Canada) said that they don’t expect a change in cybersecurity budget this year.

“SMBs in the U.S. and Canada are entering a new phase of cybersecurity where attacks are becoming the new norm and an expected part of business operations,” said Tony Anscombe, Chief Security Evangelist at ESET. “We’ve seen significant shifts in how SMBs perceive today’s risks and how they prepare for them, relying more on cyber insurers to provide cybersecurity services and as a core part of their resilience strategy. While SMBs are worried about headline catching AI‑driven threats, most breaches are still a result of social engineering coupled with human error – including phishing, credential compromise and third party/supply chain risk.”

In order to manage cyber-attacks, SMBs are increasingly including cyber insurance in their resilience strategies to ensure compliance, financial stability and peace of mind when incidents occur. Today, 86% of U.S. SMBs carry cyber insurance, with over half deploying specific security controls (e.g., MFA, IAM, EDR/MDR) as part of their coverage conditions. Canadian SMBs only trail slightly with 78% carrying cyber insurance. In both countries, respondents who have had more than one incident are more likely to carry insurance.

On the AI front, Canadians are more cautious about the deployment of new AI applications than their U.S. counterparts. 69% of Canadian respondents said that they are integrating AI applications into their organization compared to 81% of U.S. respondents.

The 2026 Index surveyed 700 cybersecurity decision-makers across U.S. and Canadian organizations with 25 to 1,000 endpoints, uncovering new insights into SMB cyber readiness, incident response, cybersecurity tools and management, insurance and compliance, AI strategy, and more. Here are some additional highlights from the report released today:

“Perception vs. Reality”: Are SMBs worried about the right threats? 

• SMBs across the U.S. (32%) and Canada (34%) say AI-powered malware is their top concern for the year ahead, a signal of how dominant AI has become in headlines and boardroom conversations.
• But the actual causes of breaches paint a very different picture. In the U.S., the leading drivers of cyber incidents remain phishing (27%), lack of security monitoring (27%) and unpatched security vulnerabilities (25%). In Canada, attacks most often stem from phishing (21%), weak passwords (20%), and insufficient security monitoring (20%).
• Meanwhile, one of the most consequential risks, supply chain compromise, barely registers among SMBs’ top concerns in the survey, ranking eighth (17%) among U.S. respondents and 10th (16%) for Canadians – despite the potential for widespread downstream impact.
• Finally, 82% of U.S. and Canadian SMBs agree that cyber warfare and global conflict pose a real threat to their business, underscoring how interconnected today’s risks are.

Cyber insurance is influencing security behavior

• Incident experience is a major driver of cyber risk insurance adoption: 95% of U.S. and 92% of Canadian SMBs that suffered multiple incidents carry insurance, compared to 77% of U.S. and 68% of Canadian businesses with no incidents.
• In both markets, insurers are playing a more direct role in shaping security posture: 55% of insured U.S. SMBs and 41% of insured Canadian SMBs are required to implement specific controls, often involving continuous monitoring or MDR‑style services, as a condition of coverage.
• Of SMBs surveyed, 16% U.S. and 19% of Canadian respondents say that they outsource some or all of their cybersecurity. Of the U.S. companies that outsource, 35% of SMBs now outsource security to a cyber insurer offering MDR, 21% use an MDR vendor, 17% rely on an MSP/MSSP with MDR, and 27% still use a traditional MSP.
• Of the Canadian companies who outsource, 27% of SMBs now outsource security to a cyber insurer offering MDR, 8% use an MDR vendor, 27% rely on an MSP/MSSP with MDR, and 38% still use a traditional MSP.

Anscombe noted, “In cybersecurity, diversity is necessary to achieve a resilient ecosystem. While it’s heartening to see SMBs adopt cyber risk insurance, there needs to be greater awareness of potential monoculture issues as North American cyber insurers that provide managed services typically offer a limited choice of services and products. In fact, 72% and 66% of US and Canadian businesses respectively are concerned with the implications of single vendor ecosystems (i.e., security monocultures).”

Confidence rising meets increasing attacks

• Even as confidence rises, cyberattacks remain widespread across the U.S. and Canada, reinforcing the sense that cybersecurity incidents are now an inevitable part of doing business.
• In the U.S., 54% of SMBs experienced an incident in the past 12 months, including 22% who faced multiple breaches. Canada shows a similar trend, with 46% reporting at least one incident and 12% experiencing more than one. These numbers highlight how frequently SMBs are being targeted and successfully compromised, despite increased awareness and stronger budgets.
• This growing prevalence is shaping how SMBs think about risk, pushing many to build processes that assume disruption rather than hope to avoid it altogether. In fact, organizations with multiple incidents show the highest confidence levels. In the U.S., 52% of those with repeat incidents (and 42% of Canadians) identify as “very confident,” compared to firms with only one or no incidents.
• These repeatedly targeted organizations also report the strongest budgets, with 45% of U.S. SMBs in this category describing their cybersecurity funding as “more than sufficient” and expecting additional investment increases. Canadian firms were less enthusiastic with their budget – with 25% identifying their budgets as “more than sufficient.”
• Finally, cybersecurity confidence does not always correlate with company size in the United States. Larger U.S. SMBs (500–1,000 endpoints) are less likely to deploy advanced, proactive measures such as threat detection and response (24%) than smaller SMBs (34%), indicating that operational complexity may be outpacing modernization efforts even as confidence rises.

SMBs are still investing in awareness & training

• Across both the U.S. and Canada, cyber awareness training emerges as the top investment priority for the year ahead, reinforcing the reality that human error remains the most exploited weakness in today’s attacks.
• Over 90% of SMBs in both countries say training is “critical” or “very important,” with 42% of U.S. SMBs and 43% of Canadian SMBs planning to increase these investments in the next 12 months—making it the leading budget category in both markets.
• Nearly half of SMBs now go beyond basic training: 44% of U.S. organizations and 47% in Canada use structured programs that include phishing simulations, a shift likely driven by rising concern over AI‑driven phishing techniques and deepfake‑enabled impersonation threats.
• This emphasis on strengthening the human layer aligns closely with incident data, as phishing remains a top cause of breaches (27% in the U.S., 21% in Canada), underscoring why SMBs continue to invest heavily in awareness, behavior change, and simulation‑based resilience.

“Confidence is growing, but the reality is that most breaches still come from preventable issues like phishing, weak passwords, and monitoring gaps,” said Anscombe. “If cyberattacks are the new normal, then getting the fundamentals right matters more than ever.”

ESET’s 2026 SMB Cyber Readiness Index surveyed 700 cybersecurity decision‑makers across the United States and Canada in industries such as manufacturing, construction, healthcare, retail, telecommunications, transportation, and more. This included 500 respondents from the United States and 200 from Canada with 25 to 1,000 endpoints. Notably, 67% of U.S. respondents and 51% of Canadian respondents were their company’s primary decision makers for cybersecurity.

For media who would like to see the SMB data or to set up an interview, please reach out to pr@eset.com.

• Showcased at RSAC 2026, ESET’s upcoming AI security features will protect the full AI conversation flow by scanning both prompts and responses to reduce data exposure and compliance risks.
• Built as browser security features, they will shield against malicious links, scripts, and content generated by LLMs and prevent upload of sensitive and confidential data into public AI systems.
• ESET also presented its new endpoint security capabilities designed to secure personal AI assistants from AI supply chain attacks while creating a free, public ESET AI Skills Checker to detect risky and malicious behavior of AI skills before deployment.

SAN DIEGO, Calif., March 24, 2026 – ESET, a global leader in cybersecurity, today announced that it has received ©Intel vPro Certified App status for ESET PROTECT cybersecurity solutions. This certification validates that ESET PROTECT meets the rigorous efficiency and performance targets set for ©Intel vPro platforms, including enhanced user experience, extended battery life, preserved CPU usage and background performance for business customers.

“At ESET, we believe that world class protection must never come at the cost of performance,” said Juraj Malcho, CTO at ESET. “Reaching Intel ©vPro Certified App status reflects our dedication to innovation by engineering highly efficient security solutions. Through our collaboration with Intel, we’ve been able to elevate the performance and energy efficiency of ESET PROTECT by leveraging the advanced features of Intel’s hardware technologies.”

Since 2022, ESET and Intel have closely collaborated to deliver advanced ransomware protection through ©Intel Threat Detection Technology (Intel TDT) to customers around the world,
and—together—the companies have worked to enable Intel-powered AI PC users to take advantage of Intel’s hybrid processor architecture to access advanced protection and performance benefits. To gain Intel vPro Certified App status, ESET fine-tuned its products to efficiently run on Intel vPro. These efforts have delivered an 86% reduction in background activity, lowered CPU utilization by 72%, and increased power efficiency by 66% on Intel vPro powered PCs1.

As the latest chapter in the collaboration, ESET is in advanced evaluation of detection capabilities for ©Intel Threat Detection Technology – Deep Learning & Trace based Execution Context Tracker (©Intel TDT-DTECT). Intel TDT-DTECT presents a novel approach to detecting malicious activity by leveraging advanced AI techniques to analyze runtime x86 machine code execution, captured directly from the CPU. This method bypasses traditional security strategies that rely on file scanning, behavioral indicators, or cloud sandboxing, focusing instead on the actual instructions executed by the processor in real-time.

“Intel TDT-DTECT introduces a new approach to threat detection by applying AI to processor-level execution tracing, available uniquely with Intel” said Dennis Luo, Sr. Director and GM, Worldwide AI PC Developer Relations at Intel. “We’re working closely with ESET as they are implementing TDT-DTECT to offer commercial users an effective solution to counter advanced malware threats in today’s evolving cybersecurity landscape.”

Intel TDT-DTECT exemplifies a paradigm shift by embedding detection capabilities at the hardware execution level, enhancing security beyond conventional software-based methods. By innovating on top of Intel TDT-DTECT, ESET customers will gain better visibility and overall performance in the following areas:

• Polymorphic Malware Detection: Tracking malware families that constantly regenerate binaries or packers.
• Loader and Sideloading Identification: Detecting sophisticated loader frameworks designed to blend in with legitimate processes.
• Fileless and Memory-Resident Threats: Identifying in-memory payloads that leave no filesystem footprint.
• Distinguishing Legitimate vs Malicious Use: Differentiating benign and malicious execution paths of legitimate binaries.
• Early-Stage Behavior Monitoring: Capturing subtle initialization routines such as API hashing and sandbox checks that typically precede attacks.

These capabilities enable enhanced detection, threat hunting, and intelligence sharing, helping security teams intervene early and proactively.

Visitors to RSAC 2026 are able to hear more about this strategic partnership at ESET’s Booth N-5253 where Intel Corporation’s Global Lead for Security Partner Enabling, Client Computing Group, Tyler Welt, will present with ESET’s Vice President of Enterprise, SMB and MSP, Michal Jankech on the companies’ collaboration and latest innovations. Learn more at https://www.eset.com/us/business/rsac/.

©Intel, the Intel logo and other Intel marks are trademarks of Intel Corporation or its subsidiaries.

¹Based on ESET internal testing comparing Q2’26 Release Presets to the prior versions from Sept. 2025 in a fully configured live IT environment. See http://www.Intel.com/vPro for details. Results may vary.