The cybersecurity environment is extremely volatile for middle market companies.
Key takeaways
Controls and strategies must evolve to keep pace with emerging threats.
Understanding trends can help you develop a proactive cybersecurity approach.
The cybersecurity risk environment is more volatile than ever. Between cybercriminals having more tools in their arsenal and threats emerging from ongoing geopolitical conflicts, no company is immune to a potential breach. In addition, the rise of artificial intelligence innovations is a double-edged sword—companies can use AI to detect threats faster. However, hackers can also use the technology to launch more attacks much more efficiently.
Your cybersecurity controls must develop and mature to keep pace with evolving threats, and insight into current trends is critical for developing your strategy. The RSM US Middle Market Business Index Special Report: Cybersecurity 2024 recently detailed cybersecurity challenges, as well as actions companies are taking to combat emerging and ongoing risks.
Breaches are at a record high
28%
of middle market executives said they experienced a data breach last year, matching the highest number in the RSM survey’s history (2021).
20%
reported suffering a breach in 2023.
Cyber insurance is increasing in popularity
76%
of companies that report having a cyber insurance policy is also a record high in RSM research.
68%
of companies said they had a policy in 2023.
Staffing remains a challenge
61%
have two or fewer data security/privacy employees.
34%
of smaller middle market companies have no internal data security/privacy employees, but 27% of those use external providers for data security services.
Companies are focusing on digital identity
31%
of companies provide access as needed.
24%
give a single identity to access systems.
22%
use disparate usernames and passwords.
11%
say passwords are a thing of the past.
Third-party risk strategies are evolving
64%
of executives regularly evaluate cybersecurity controls at third parties.
58%
include service-level agreements and other data and security controls in contractual agreements.
53%
use governance, risk and compliance or other third-party risk management tools.
50%
include critical third parties in business continuity and disaster recovery planning.
Migration to the cloud is continuing
55%
of respondents reported migrating to the cloud as a result of security concerns in the past year.
89%
of executives say they feel more secure with their data in the cloud.
50%
of companies said they moved to the cloud for security reasons in 2023.
Managing cybersecurity threats has always been challenging, but as hackers become more nimble and broaden their scope, an already difficult task has become even more complex. However, by understanding how risks are evolving and where your business may be vulnerable, you can develop a more proactive cybersecurity approach.
RSM US MMBI
Cybersecurity 2024 special report
Our annual insights into cybersecurity trends, strategies and concerns shaping the marketplace for midsize businesses in an increasingly complex risk environment.
