News release

New Report from RSM Reveals Middle Market is Ground Zero for Cybersecurity Threats

May 07, 2020
May 07, 2020
0 min. read

Andreia DeVries, National Public Relations Manager,, 212.520.1266
for media use only 

The middle market is a prime target for cybercriminals, as security threats continue to increase year after year, according to the RSM US Middle Market Business Index (MMBI) Cybersecurity Special Report released today from RSM US LLP (RSM), in partnership with the U.S. Chamber of Commerce. The report revealed that while middle market companies understand the threat posed by cybercriminals, their protections have been unable to keep up with the continuously evolving methods attackers employ.

The report, which surveyed 700 full-time executive-level decision-makers across a broad range of industries in the middle market, found more than half (55%) of respondents indicated an attempt to illegally access their company’s data or systems is likely in 2020, a dramatic increase from 32% just six years ago. Additionally, 18% of middle market leaders indicated their companies experienced a data breach in the last year, up from 15% reported in the 2019 report and continuing the steady rise over the last six years. The good news is middle market companies understand the growing cybersecurity threats and are working to heighten their protections, with 71% of respondents reporting they have a dedicated function focused on data security and privacy (a 3% increase from the 2019 report).

The survey also explored the various forms of cyber attacks and revealed that the middle market continues to struggle with staying ahead of the tactics of cybercriminals. Ransomware threats remain prevalent within the middle market, with 41% of respondents saying they know someone who has suffered a ransomware attack, while 23% have suffered an attack themselves, an increase for both since the previous report. Nearly half (49%) of executives see their organizations as likely targets for a ransomware attack.

In this year’s survey, social engineering has taken the place of ransomware as the most popular type of attack in the middle market. Forty-nine percent of respondents indicated outside parties attempted to manipulate employees by pretending to be trusted third parties or high-ranking company executives, a 7% increase from the previous report. Attacks against the middle market continue to grow, and 63% of middle market executives say their businesses are likely at risk of an attempt to manipulate employees in the next 12 months.


RSM’s purpose is to deliver the power of being understood to our clients, colleagues and communities through world-class audit, tax and consulting services focused on middle market businesses. The clients we serve are the engine of global commerce and economic growth, and we are focused on developing leading professionals and services to meet their evolving needs in today’s ever-changing business environment.

RSM US LLP is the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with 51,000 people across 123 countries. For more information, visit, like us on Facebook, follow us on Twitter and/or connect with us on LinkedIn.