The middle market continues to battle evolving cybersecurity risks
Cybersecurity continues to be a main concern for middle market companies, although the specific risks and challenges are constantly changing. RSM US has released the 2023 Middle Market Business Index Cybersecurity Special Report which indicates the last year has presented a wide range of threats, from economic uncertainty to geopolitical concerns, and new dangers on the horizon. However, it also reveals that organizations are constantly making adjustments and appear to be taking a more proactive cybersecurity approach.
The positive news is that despite the increasing pressure from various threats, the number of reported breaches is slightly down as organizations generally appear to sharpen their focus on cybersecurity challenges. But despite easing, the number is still elevated, and companies cannot afford to relax.
The survey of 406 middle market executives also highlights differences in how smaller and larger middle market companies are approaching cybersecurity and data privacy.
Key findings include:
- 68% of respondents stated they currently utilize a cyber insurance policy to protect against internet-based risks, up from 61% in last year's report.
The percentage of larger companies that reported carrying a policy jumped significantly to 70% this year from 57% in 2022, while the number of smaller middle market companies with cyber insurance increased to 67% from 65%.
- 20% of middle market executives claimed that their company experienced a data breach in the last year, a slight decline from 22% in last year's survey.
Larger middle market organizations were most at risk once again (28%) compared to smaller counterparts (12%).
- 35% of executives disclosed that they experienced a ransomware attack or demand in the last year, up from 23% last year.
Larger middle market companies reported a sizable increase in attacks with 54% this year compared to 29% in last year's report. Smaller organizations saw a slight decline in incidents to 13% from 16% last year.
- The reported frequency of business takeover attempts increased significantly in this year's data, with 58% of middle market executives indicating that outside parties attempted to manipulate employees by pretending to be trusted third parties or company executives, compared to 45% last year.
Larger companies indicated a sharp jump in incidents to 63% from 40%, while executives at smaller middle market companies reported a small increase in attacks to 53% this year from 51% in 2022.
The 2023 RSM US Middle Market Business Index Cybersecurity Special Report leverages data from over 400 senior executives of middle market companies, detailing their cybersecurity and privacy challenges, the frequency and severity of attacks, and ongoing concerns. It provides a glimpse into how the largest segment of the U.S. economy is implementing controls and strategies to address security threats, fighting back against cybercriminals and preparing for what's next.
While the cybersecurity risk environment remains very elevated, the MMBI report does indicate that the number of breaches reported among middle market companies dropped slightly in this year's data as protective strategies advance, new solutions become available and executives understand the consequences related to potential incidents. But companies cannot afford to let their guard down as threat actors are always lurking and attempting to exploit vulnerabilities.
Inside the report The report delivers a detailed perspective on several critical middle market cybersecurity topics, including information and data security, cyber insurance, ransomware attacks, business takeover threats, privacy protections compliance and migration to the cloud to ensure data security.
The report may be downloaded here. Registration may be required to view.
SOURCE: RSM
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.