Digital Security: A pressing concern for businesses of all sizes
A recent study conducted by Virtual Intelligence Briefing (ViB) revealed that a considerable number of firms feel underprepared, understaffed, and/or under-resourced to respond to evolving threats. A significant number face challenges in securing cyber insurance coverage and appropriate security awareness training for their workforce.
Research Technique
The research provides a deep dive into the current cyber defense strategies of mid-scale businesses, including the steps they are deploying to safeguard against malicious digital actors. The study was aiming to gain insights into the organizational structure, resources, and cyber protection strategies deployed and required by mid-scale businesses.
The research targeted private-sector businesses in the U.S. and Canada across all industry sectors. The respondents were IT professionals at manager, director, and C-level positions within these organizations.
Salient Discoveries
- 52% of medium-sized firms aim to escalate their cyber protection investments for 2023.
- 63% of medium-sized firms lack dedicated cyber protection professionals in their organization.
- 49% of medium-sized firms have either been a victim of a cyber attack or are uncertain if they were targeted in the last 12 months.
- 29% of medium-sized firms don’t currently have an emergency response strategy.
- 26% of medium-sized firms reported no cyber coverage.
Existing Cyber Protection Resources, Solutions, and Roadblocks
The data illustrates that mid-scale firms recognize the need for varied layers of cyber security. The most prevalent solutions deployed were email security (88%), endpoint protection (81%), network protection (75%), and security awareness training (73%).
Navigating the Current Threat Landscape
Cybersecurity remains a top priority for a majority of mid-sized businesses; however, readiness to fend off today’s threats is one of their most pressing challenges. The research highlights how a sizable portion of responding organizations is inadequately resourced to meet today’s threat landscape–creating gaps that can be exploited by even the least sophisticated of hackers.
Stumbling Blocks in Security Awareness Training
While 61% reported conducting regular formal security awareness training, only 11% say their employees adhere to security best practices. More alarming, more than 42% of respondents do not conduct regular formal security awareness training, exposing their organizations to higher cyber risk.
Challenges in Cyber Coverage
Securing cyber insurance coverage was a key issue for respondents. While 71% of respondents are required to carry some form of cyber insurance, 37% find it extremely difficult to obtain coverage.
Conclusion
The data confirms in stark terms that the businesses that drive most innovation, economic and employment activity in the U.S. and Canada are also at the most risk from cyber attacks. SMBs and their IT vendors have made decent strides in shoring up their cyber defenses in recent years, however huge gaps of vulnerability remain, posing significant economic and operational risks to themselves and the broader economy. In many cases, these companies are not aware that the same resources larger business enterprises access for protection are available to them at a scale and value that fits their company size.
Contact Integrated Insurance Advisors to discuss whether a cyber security insurance policy is right for you.
Reference
The State of Cybersecurity for Mid-Sized Businesses in 2023: Under-Staffed and Under-Resourced