AI and Human Error: A Cautionary Tale for SMBs
In a world where technology promises to revolutionize our lives, small and medium-sized businesses (SMBs) are taking a step back from the AI revolution, despite the ever-looming threat of human error.
Kaseya's recent research reveals an intriguing insight into the cautious approach SMBs are adopting towards AI in their cyber defense strategies. With human error remaining the top vulnerability, it's time to explore why these businesses are hesitant to embrace AI fully.
The research, drawn from Kaseya's 2026 Cybersecurity Outlook and 2025 Global IT Trends Report, surveyed Managed Service Providers (MSPs) and their SMB clients about industry trends and challenges. The findings paint a clear picture: AI, despite its potential, is not yet trusted by the majority.
But here's where it gets controversial... Only 12% of businesses fully trust AI to act autonomously, while a significant 18% still don't use AI at all for security enhancement. The reasons? Accuracy and data privacy concerns are the top barriers to adoption.
For those who have embraced AI, its applications are focused on email security (49%), enhanced endpoint protection (34%), and threat detection (32%). However, the number one vulnerability remains human error, largely due to poor user practices and inadequate training.
And this is the part most people miss... Phishing attacks, driven by human error, are the most damaging and persistent issue, affecting more businesses than any other form of attack. To date, 56% of respondents have been impacted, with nearly half experiencing an attack within the past year.
The lack of readiness is evident as breaches continue to have significant financial and operational impacts. Only 40% of respondents have a regularly tested, formal incident response plan. Downtime following security incidents is a real concern, with 37% of businesses losing a full day or more. Financial losses are also substantial, with 18% of companies suffering losses of $100,000 or more.
Penetration testing and threat monitoring, crucial for defense, are often lacking due to costs. A worrying 15% of businesses have no real-time threat monitoring, and of those that do, many are inconsistent or skip testing altogether.
However, Kaseya sees an opportunity here, highlighting pen testing as a profitable venture for MSPs, with nearly half reporting margins above 20%.
Despite the challenges, IT leaders remain focused on security and business continuity. Cybersecurity is the top challenge and investment priority for 49% and 52% of participants, respectively, closely followed by backup and recovery.
So, while SMBs navigate the complex world of cybersecurity, the question remains: Can AI be trusted to mitigate human error, or is it a technology still in need of refinement? What do you think? Share your thoughts in the comments below!
