News release

New Report from RSM Reveals Middle Market is Ground Zero for Cybersecurity Threats

May 07, 2020

Kimberly Bartok, National Public Relations Leader,, 212.372.1239
Andreia DeVries, National Public Relations Manager,, 954.449.8096
for media use only 

New Report from RSM Reveals Middle Market is Ground Zero for Cybersecurity Threats

CHICAGO – (May 7, 2020) – The middle market is a prime target for cybercriminals, as security threats continue to increase year after year, according to the RSM US Middle Market Business Index (MMBI) Cybersecurity Special Report released today from RSM US LLP (RSM), in partnership with the U.S. Chamber of Commerce. The report revealed that while middle market companies understand the threat posed by cybercriminals, their protections have been unable to keep up with the continuously evolving methods attackers employ.

The report, which surveyed 700 full-time executive-level decision-makers across a broad range of industries in the middle market, found more than half (55%) of respondents indicated an attempt to illegally access their company’s data or systems is likely in 2020, a dramatic increase from 32% just six years ago. Additionally, 18% of middle market leaders indicated their companies experienced a data breach in the last year, up from 15% reported in the 2019 report and continuing the steady rise over the last six years. The good news is middle market companies understand the growing cybersecurity threats and are working to heighten their protections, with 71% of respondents reporting they have a dedicated function focused on data security and privacy (a 3% increase from the 2019 report).

The survey also explored the various forms of cyber attacks and revealed that the middle market continues to struggle with staying ahead of the tactics of cybercriminals. Ransomware threats remain prevalent within the middle market, with 41% of respondents saying they know someone who has suffered a ransomware attack, while 23% have suffered an attack themselves, an increase for both since the previous report. Nearly half (49%) of executives see their organizations as likely targets for a ransomware attack.

In this year’s survey, social engineering has taken the place of ransomware as the most popular type of attack in the middle market. Forty-nine percent of respondents indicated outside parties attempted to manipulate employees by pretending to be trusted third parties or high-ranking company executives, a 7% increase from the previous report. Attacks against the middle market continue to grow, and 63% of middle market executives say their businesses are likely at risk of an attempt to manipulate employees in the next 12 months.


RSM is the leading provider of professional services to the middle market. The clients we serve are the engine of global commerce and economic growth, and we are focused on developing leading professionals and services to meet their evolving needs in today’s ever-changing business landscape. Our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential.

RSM US LLP is the U.S. member of RSM International, a global network of independent assurance, tax and consulting firms with 57,000 people in 120 countries. For more information, visit, like us on Facebook, follow us on Twitter and/or connect with us on LinkedIn.