The second annual CyberSmart MSP Survey found that MSPs feel broadly confident in their cyberknowledge and abilities, despite suffering multiple breaches in the past year.
Cybersmart, a leading provider of cyber risk management for small businesses, has released the findings from its second annual CyberSmart MSP Survey, which focuses on the security of Managed Service Providers (MSPs) and their customers.
The 2025 report revealed that 69% of MSP leaders globally admitted to being hit by multiple breaches over the past 12 months, despite remaining confident in the security of the MSPs they work for. Shockingly, almost half (47%) of those surveyed experienced three or more breaches in the last 12 months.
The 2025 research, conducted by OnePoll, features insights from 900 MSP leaders from the UK, France, Belgium, Australia, New Zealand, Sweden, Germany and the Netherlands, with customers of varying sizes ranging from one to 250-plus employees.
Despite the fact that 69% of MSPs experienced multiple cyberbreaches in the past year, over three-quarters (76%) of respondents reported either complete or above-average confidence in their organisation’s cybersecurity posture. While confidence can be a positive indicator, this highlights a potential disconnect between perceived readiness and actual resilience to cyberthreats.
However, given their role as cybersecurity providers and advisors to their clients, it is worth noting that most MSPs do display above-average levels of cyberconfidence, especially when compared to other businesses. Additionally, the number of MSPs who described their cyberconfidence levels as average or above (96%) has remained consistent with the results in 2024. 97% of those we surveyed last year rated their cyberconfidence levels as ‘fair’ or ‘great’.
What’s more, outside the 20% who categorised their cyberconfidence as complete in 2025, most MSPs (80%) recognised there was some room for improvement, indicating the importance of continued education and the need for consistent and timely guidance.
“As attack attempts on MSPs rise, it can be easy to blame overconfidence. However, most MSP leaders do have above-average cyber knowledge as part of their job, no doubt because of the supporting and advisory roles they play for customers,” said Jamie Akhtar, CEO and Co-Founder of CyberSmart. “What these results really show is that the majority of MSP leaders are willing to engage with the wider community to improve their cybersecurity posture, protecting themselves and their customers from attacks. Ultimately, to stay ahead of attackers in this constantly changing discipline requires the right partners, latest resources and best-in-breed security tools.”
Interestingly, MSPs also reported high levels of confidence in their customers’ cybersecurity awareness. The vast majority (93%) said they felt confident in their customers’ overall cyberposture. In fact, 45% assessed their customers as having above-average confidence, while 17% described them as completely confident.
These results are broadly consistent with last year’s findings, when 86% of MSPs felt their customers had a ‘great deal’ or ‘fair amount’ of cyberconfidence. In 2025, that figure remains high, with 85% of respondents saying their customers have at least average cybersecurity knowledge, and a combined 53% rating them as above average or expert level.
