SME News Q2 2026/ 4ews Almost TwoFifths of SME Employees Report Cybersecurity Responsibilities Beyond Their Job Description • New survey of SME employees explores gaps in training, confidence and support among those with cybersecurity responsibilities • Just 39% of SME employees with cybersecurity responsibilities have received comprehensive training • Over half (51%) feel only ‘somewhat confident’ in managing cybersecurity risks • Nearly two-thirds (64%) have felt out of their depth at least sometimes when dealing with a cybersecurity issue at work • More than two-fifths (45%) cite a lack of training as the biggest barrier their organisation faces in managing cybersecurity • Business broadband experts share tips to support employees managing cybersecurity responsibilities in SMEs. More than two in five (43%) businesses reported a cybersecurity breach or attack in 2025. Against this backdrop of cyber threats, the Uswitch Business Broadband experts surveyed SME employees to explore how cybersecurity is being managed within organisations and the pressures faced by non-specialist staff. Cybersecurity responsibilities often fall outside of formal job roles in SMEs. Almost two-fifths (37%) of employees surveyed say cybersecurity was not part of their job description when they started their role, while 14% are unsure or cannot remember. The findings highlight inconsistency in how cybersecurity responsibilities are assigned and communicated across SMEs, with many employees taking on duties that were not formally defined in their role. More than half of SME employees lack formal cybersecurity training. The lack of clearly defined responsibility is also reflected in training levels, as over one in six (16%) say they have never received any relevant cybersecurity training, while 45% have only completed basic training. Just two-fifths (39%) report having received comprehensive cybersecurity training. SME employees report confidence in their cyber skills, but some still feel underprepared. One in five (20%) say they are very confident in managing cybersecurity risks, while 51% are only somewhat confident. A further 21% remain neutral, with 7% not very confident and 1% not at all confident. While confidence is broadly positive across SMEs, the findings highlight a minority of employees who lack certainty when dealing with cybersecurity risks. Cybersecurity challenges often push SME employees beyond their comfort zone. More than half (52%) of SME employees sometimes feel out of their depth when dealing with cybersecurity issues at work, while 12% say they feel this often. Almost a quarter (24%) say they rarely feel out of their depth, while 6% say they never do. These findings suggest that uncertainty and a lack of confidence are relatively common among SME employees dealing with cybersecurity issues, with many staff potentially managing these responsibilities without specialist expertise or extensive preparation. Training gaps are the biggest barriers to effective cybersecurity in SMEs. Almost half (45%) of SME employees say a lack of training is the biggest barrier their organisation faces in managing cybersecurity. This is followed by a lack of dedicated staff (31%) and limited budgets (20%) For more guidance on improving cybersecurity awareness at work and staying safe online, visit Uswitch Business Broadband.
RkJQdWJsaXNoZXIy MTUyMDQwMA==