By Guy Moskowitz, CEO, Coro
Market forces are working against medium-sized businesses, leaving companies that don’t have large, dedicated security teams and fat cyber security budgets exposed to cyber threats. When combined with the global pandemic and the fact that cybercriminals have expanded into mid-market targets, medium-sized companies face greater risk than ever, and it’s time IT leaders and the industry step up to take care of this gap.
Three factors have arisen that have had dire consequences for medium-sized businesses:
- The cyber security industry has neglected the mid-market in its pursuit of enterprise-grade security solutions with proportional enterprise price tags.
- The global pandemic accelerated the trend toward remote work and adoption of cloud platforms, leaving many companies with much larger attack surfaces, and an out-of-date cybersecurity architecture.
- Due to the commoditization of cyberattacks, cybercriminals turned their eyes toward the mid-market, which has proven to be less sophisticated and less funded in terms of cyber security.
The Cyber Security Market Has Failed Medium-Sized Businesses
The cyber security market has bifurcated into large, enterprise solutions and niche point solutions. Mid-market companies are stuck in an inhospitable middle, where they don’t have the budget and resources to purchase large enterprise solutions, but also have too much complexity and the attack surface for point solutions to be effective in providing security.
The high cost of implementing and operating security solutions severely impedes their adoption by mid-market companies. Companies with 1,500 or fewer employees often have limited cyber security budgets and very few dedicated security professionals – if they have any specialists at all. Hundreds of employees and thousands of endpoints create an attack surface that stretches IT, teams, to their limits. Mid-market companies are therefore forced to make bets on the most probable attack vectors to defend against, leaving the rest of the attack surface exposed.
The Pandemic-Driven Shift Toward Remote Work Caught IT Departments Flat Footed
Nobody was ready for large-scale remote work in 2020. Teams were not culturally prepared to conduct business online, office software wasn’t designed for remote work as its primary use case, and IT departments had mostly focused on on-site and VPN-style security. The shift to predominantly remote work in 2020 and 2021 disrupted every aspect of business and created huge opportunities for attackers seeking to exploit the relative naivete of the new cloud working environment.
In Coro’s recent report analyzing mid-market cyber security, we found that while 50% of medium-sized companies had email malware protection in place in 2021, 88% of them had misconfigured their protection settings. Meanwhile, only 16% of mid-sized companies had email phishing protection in place, and 71% of them had misconfigured settings. Other attack vectors fared similarly or worse. This means many of the technologies deployed by IT teams, and especially the new ones deployed since the beginning of the pandemic to enable remote work, offer little actual protection against emerging classes of cyber threats.
Cyber Criminals Are Turning Downstream for Easier Pickings
A big score against a large enterprise is exciting for a cybercriminal, but so is the prospect of several smaller, easier scores. We observed this in practice in 2021 as attacks on medium-sized companies increased both in volume and in sophistication.
Specifically, we saw that attacks on mid-market companies increased by 150% in the past two years. Moreover, these attacks are not just generic (AKA naive) attacks but are increasingly tailored attacks for the particular victims being targeted by the hackers. Customized attacks against mid-market companies have expanded 4x in 2021. Insider threats, whether accidental or malicious, have also doubled in 2021, showing the greater role employees have played in cyber vulnerabilities during the pandemic.
Closing the Mid-Market Cyber Security Gap with Intelligent Automation and AI
Mid-market spending on cyber security was up in 2021 as companies began to feel the heat from cybercriminals testing their defenses. But most of the industry’s comprehensive cyber security solutions are aimed at large enterprise customers – and mid-market companies need options beyond stitching together piecemeal point solutions.
The three challenges to mid-market cyber security remain overly expensive and complicated solutions, greatly expanded attack surfaces driven by remote work, and increased attacks by hackers seeking to exploit the mid-market. To overcome these challenges, companies need affordable solutions that augment existing IT with built-in intelligence and non-disruptive security workflows. This is where automation and AI come in.
As I said earlier, 88% of email malware solutions are misconfigured – and that doesn’t even account for cloud malware, Wi-Fi phishing, and a huge range of emerging attack vectors for which most mid-sized companies have no protections in place. Why should such misconfigurations and omissions leave a company exposed to cyber threats, especially when a single breach could paralyze a business or cause enough damage to close its doors forever? Where possible, the responsibility for effective cyber-defense needs to be shifted off the shoulders of overstretched IT teams and onto machines. AI must be deployed to enable small teams with limited resources to effectively manage large and complex situations. Small companies must seek solutions that simplify the security experience: comprehensive, all-in-one solutions that are easy to deploy and easy to operate by way of intuitive UX design and AI automation.
The truth is, most small and mid-sized companies don’t need dozens of security professionals to manage straightforward and common security tasks. Look for security solutions that instead make use of intelligent automation to reduce the load on IT and security teams. Intelligent automation can automatically block malware threats, prevent accidental or malicious data leakage, lockdown rogue accounts, and prevent the majority of incoming attack attempts, all without human intervention. For the small percentage of issues that AI and intelligent automation can’t resolve, a concise and clear notification can be sent to administrators that can be resolved quickly and easily.
Even in this rapidly evolving cyber climate, the cost and complexity of security can be managed, and escalating cyber threats can be controlled. Comprehensive cyber security can and should be fully accessible to mid-sized companies. It’s time for mid-market IT leaders to reconsider the standard point solutions and seek comprehensive, AI-enabled software with built-in intelligence, designed specifically for their needs: elegant, non-disruptive security within a single, efficient platform.
About the Author
Guy Moskowitz is the CEO of Coro, one of the fastest-growing security solutions for the mid-market, providing all-in-one protection that empowers organizations to defend against malware, ransomware, phishing, and bots across devices, users, and cloud applications. Guy can be reached online at (LinkedIn and Twitter) and at our company website https://www.coro.net/