October 21, 2025

Key Takeaways from the 2025 N-able Security Roundtable

by: Align

Last week, N-able hosted its inaugural Cyber Resilience Summit, bringing together industry experts and security leaders to address the escalating threats facing small and medium-sized businesses.

The event's central message was clear: cyber resilience is fundamental to SMB survival. N-able CEO John Pagliuca opened the summit by reinforcing this theme. Sarah Armstrong-Smith, former EMEA Microsoft Chief Security Advisor, delivered the keynote, drawing on her extensive crisis management experience to outline why end-to-end cyber resilience has become essential for navigating 2025's threat landscape.

Align’s President of Managed Services, Vinod Paul, joined Kevin O'Connor (Director of Threat Research at N-able) and Francis Odum (Founder of Software Analyst Cybersecurity Research) for a security roundtable exploring key findings from the 2025 N-able Annual Threat Report. Here are the critical insights.

 

SMBs in the Crosshairs

SMBs aren't flying under the radar anymore. While major enterprise breaches dominate the news, there's an enormous amount of activity happening beneath the surface targeting small and medium businesses.

The numbers are staggering—the N-able report documented a 273% increase in detected threat instances over just one year, jumping from approximately 49,000 in June 2024 to over 13.3 million in June 2025.

The reason? It’s a numbers game. Collecting dozens of $50,000 ransoms from SMBs is often easier and faster than executing one massive enterprise attack.

 

The Resource Challenge

SMBs face a unique vulnerability. They're adopting the same cloud solutions, SaaS applications, and technologies that large enterprises use, but typically have far fewer security controls and dedicated staff to manage them.

Even small hedge funds and private equity firms with just two to four employees managing significant assets are prime targets. For these organizations, the lack of in-house technical expertise means the right partnership becomes essential to survival.

 

Separating Buzz from Bite

One of the most valuable discussions was distinguishing between headline-grabbing threats and the real operational risks burning SMBs right now.

The Real Threats:

  • MFA fatigue and bypass - Many companies maintain very loose policies around multi-factor authentication, creating easy entry points
  • Business email compromise - Increasingly sophisticated with AI assistance
  • Ransomware-as-a-service - Industrialized and economized for targeting SMBs
  • Social engineering - Coming through email, text messages, and now AI-generated voice calls

 

The AI Factor

Three years ago, it was much easier to identify a potential attack. AI has dramatically increased the level of sophistication, which makes attacks far harder to detect.

The old advice to look for spelling errors and grammatical mistakes no longer applies. Attackers can now create perfectly written emails and convincing deepfake voice calls with minimal effort. But there's a flip side: AI will also need to be part of the defense, helping organizations prevent attacks at the speed and scale at which they arrive.

 

What Actually Works: Practical Defense Strategies

The good news? High-ROI defenses don't require enterprise budgets. The fundamentals still work; they just need to be implemented rigorously.

Policy Over Technology

Multiple layers of protection with the right tools must be in place. Selective security creates dangerous gaps. At Align, when prospective clients want to opt out of certain cyber protections, we decline to take them on. This stance recognizes that cutting corners on security isn't worth the risk for either party.

The Non-Negotiables

  • MFA Enforcement - Enforced for every single account without exception. Attackers only need to find that one unprotected account to bypass all company controls and cause a major breach.
  • Process Discipline - Particularly for financial transactions. Verbal verification before any wire transfer is essential. If there's any change in the established process, the transaction shouldn't proceed.
  • Trusted Device Policies - Only allow managed, trusted devices to access systems. No exceptions.
  • Identity as the New Perimeter - This represents a critical shift in thinking. Twenty years ago, the network was considered the perimeter. In today's world of cloud services and SaaS applications, identity has become the primary target and must be the focus of security efforts.

Continuous Awareness

Security awareness is a continuous process that must keep evolving as threats change daily.

 

The Bottom Line

SMBs face serious, growing threats, but practical, high-ROI defenses exist. Success requires doing the fundamentals exceptionally well and maintaining strict discipline around security policies.

At Align, we help financial services firms implement these fundamentals without compromise. If you'd like to discuss how we can strengthen your security posture, reach out to our team: https://www.align.com/contact 

You can download the full 2025 N-able Annual Threat Report at https://www.n-able.com/resources/threat-report-2025 to dive deeper into the findings discussed in this session.
