Small and medium-sized enterprises (SMEs) face growing cyber threats from phishing and ransomware to insider risks and shadow IT. For years, Microsoft’s flagship E5 security package was considered the gold standard in protection, but it came with a price tag that kept it out of reach for most smaller organisations.

That changed in 2025. Now, M365 Business Premium customers can bolster their cyber defences by adding the Microsoft 365 E5 Security add-on. This article covers what the add-on includes, how it elevates protection, and how SMEs can approach deployment strategically and cost-effectively.

What is the Microsoft 365 E5 Security add-on

In early April 2025, Microsoft released the E5 Security add-on for its Microsoft 365 Business Premium plan, a suite predominantly used by SMEs (up to 300 seats). What is great about this add-on is that rather than upgrading to the full Enterprise E5 suite, it lets SMEs adopt key security capabilities individually and more affordably. 

What’s included in this add-on?

This add-on significantly enhances Business Premium’s baseline security, which already includes features like Entra ID P1, basic Defender protection, and Purview DLP. It introduces Microsoft Entra ID Plan 2 which offers risk-based conditional access and identity protection powered by AI as well as: 

  • Microsoft Defender for Identity: Detects and responds in real time to identity-based attacks  
  • Microsoft Defender for Endpoint Plan 2: Adds threat hunting, live response, six-month data retention, and IoT device coverage  
  • Microsoft Defender for Office 365 Plan 2: Brings automated attack investigation, threat simulation, advanced hunting, incident investigation, and more  
  • Microsoft Defender for Cloud Apps: Empowers visibility and control over SaaS usage—and helps manage shadow IT  

Why this matters for SMEs

With the Microsoft 365 E5 Security Add-On, Business Premium customers get access to enterprise-level tools without paying for the full E5 license. Traditionally, the standard E5 plan bundled Microsoft’s most advanced security features into an all-in-one, top-tier license. The downside? It carried an enterprise-sized price tag that was out of reach for many SMEs.

By contrast, Business Premium + the E5 Security Add-On delivers the key security capabilities of E5 such as Extended Detection and Response (XDR) across identity, endpoints, email, and cloud apps, but at a fraction of the cost. This means SMEs, who often don’t have their own Security Operations Centre (SOC), can now access the same advanced defences as large enterprises.

And the savings are significant. Instead of paying for a full E5 license, the add-on can offer up to 57% cost savings compared with buying equivalent services individually.

Beyond licensing

Even the best tools need thoughtful deployment and management. SME leaders shouldn’t just “turn on” the features and forget; a structured plan is essential: 

  • Configuration and Management – Ensure security policies are configured properly from day one to avoid misconfigurations and alert fatigue  
  • Monitoring & Response – With active threat monitoring and incident response (even if using internal resources or a managed provider), you can pre-empt serious compromises  
  • Awareness & Training – Employees remain common attack vectors. Incorporate phishing simulations and cyber-awareness training to build a human first defence  
  • Review & Refresh – Cyber threats evolve rapidly. Regularly review and update configurations to ensure defences remain current  
  • Licensing Oversight – Measure satisfaction and value: are each of the tools actually being used effectively? If not, revise or de-provision to optimise spend  

If you’re looking for more information on how you could save more on your licensing costs, get in touch with our team who can help.