Mid-market Organisations At Greater Risk

Uploaded on 2023-11-17 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

In the last few years, many organisations have scaled up their cyber operations, with the rise of remote working forcing many to revise their cyber security provision as frequency of breaches increase.  

Unfortunately, e2e-assure’s recent research has found that the majority (59%) of mid-sized organisations report less confidence in detecting cyber threats compared to just over half of enterprises (52%). This is unsurprising, as the mid-market is increasingly becoming the perfect victim for cyber criminals as larger organisations shore up their cyber operations, becoming harder to bypass. 

For many small organisations, well configured and efficient cyber hygiene can be sufficient in increasing their cyber posture, offering a proficient level of defence. But sadly, the same cannot be said for the mid-market. The increased intricacies of tech stacks and policies can begin to mirror the cyber defence and monitoring needs of enterprises, but with a fraction of the available cyber security budget.

As a result, many mid-market organisations are sold ‘out of the box’ cyber solutions, with the focus of service innovation and customer-centricity solely on the enterprise level clients.

Consequently, the mid-market is commercially viewed as an easy win - minimal work with year-on-year contracts that offer favourable margins. 

What Are The Biggest Frustrations Among CISOs?

Our report unveiled that the biggest frustrations of the 500 CISOs and cyber security decision makers we surveyed are:

  • Long rigid contracts
  • The continual need to bolt on new services
  • The lack of threat hunting capabilities 

The cyber security industry is fast-paced and unforgiving. The relentless drum beat of cyber threats are exhausting, and most cyber professionals are longing for a trusted specialist they can lean on for their expertise.

Disappointingly, we have seen that customers are experiencing limited value from their current providers, with 59% reporting their provider is underperforming. Therefore, it is understandable that only 23% of our respondents state they will keep their provisions fully outsourced.

In fact, we predict a significant shift towards hybrid solutions, with 61% stating they will be looking to continue leveraging a hybrid solution. 

Why? Simply put, we think CISOs just want to be able to sleep better at night. By bringing some or all their cyber provision in-house they can have much better visibility and control of their cyber posture.

Potential For Change 

But there is still some hope for providers. Interestingly, despite underperformance, our research has found that there is still a strong desire to outsource. In fact, most respondents recognise the limitations of their in-house security teams and are happy to relinquish more control to providers in return for quicker decisions (68%) and faster response times (63%).

The question that mid-market organisations should therefore be asking is how can these be achieved if their current cyber security provision is failing?

The Move To Attack Disruption

In today’s current cyber threat landscape, it is no longer a question of whether an organisation will be compromised, but when it will happen. 

It is therefore a concern to find that over a quarter (26%) of mid-market CISOs and cyber security decision makers report that their provider is not implementing proactive measures such as threat hunting to best tune alerts and protect their environment. 

We have found SOC-as-a-service to be one of the most popular cyber security operations to outsource and used by almost a third of CISOs and cyber security decision markers (29%). But it is imperative that CISOs move away from traditional SOC models which use these ‘out of the box’ set ups that are not efficiently tuned to the environment they’re monitoring. 

With false positives a prevalent issue within outdated SOCs, already overburdened teams can become burnt out, and trust in tools can be diminished. 

Attack Disruption in modern SOCs utilises a contain first and investigate immediately approach. This approach focusses on containing machines that show suspect malicious activity, disrupting a potential attacker instantly. Threat intelligence and alert tuning are strong factors that influence the success of this approach, as weakness in either can lead to high false positives and continue analyst fatigue. But a well configured Attack Disruption model will drastically improve the detection and response times for any business.

Looking Forward To 2024’s Threat Landscape 

As we approach 2024, it’s evident that a critical shift is needed to ensure cyber defence quality is more consistent across all sizes of organisation. 

Those most in need of a change, mid-market organisations, can drive this shift by asking their current provider to set clearer KPIs around the time taken to detect and contain threats; offer clearer visibility of the proposed cyber security road map and draw up more flexible contracts then enable better cyber security agility.

These imperative steps will reduce the risk of mid-sized organisations being left behind as cyber-attacks continue to advance.

Tim Anderson is Chief Commercial Officer at e2e-assure

You Might Also Read:

Who Foots the Bill For A Data Breach?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Surging Attacks On Israeli Websites
Four Reasons To Use A Dedicated IP In 2023 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Logicalis

Logicalis

Logicalis are a leading provider of global IT solutions and managed services.

Keyfactor

Keyfactor

Keyfactor is a leader in cloud-first PKI as-a-Service and crypto-agility solutions. Our Crypto-Agility Platform seamlessly orchestrates every key and certificate across the enterprise.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

Sternum

Sternum

Sternum provides reliable and effective endpoint security for any IoT device, using robust technology and seamless integration.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

Yellow Brand Protection

Yellow Brand Protection

Yellow Brand Protection operates 24/7 to protect brands' Intellectual Property (IP) from infringements on all kinds of online distribution channels.

Nemko

Nemko

Nemko offers testing, inspection, and certification services worldwide, mainly concerning products and systems, but also for machinery, installations, and personnel.

Securosys

Securosys

Securosys is a technology company dedicated to securing data and communications. We develop, produce, and distribute hardware, software and services that protect and verify data and their transmission

NWN Corp

NWN Corp

NWN Corporation is a leading Cloud Communications Service Provider (CCSP) focused on transforming the customer and workspace experience for commercial, enterprise and public sector organizations.

IriusRisk

IriusRisk

IriusRisk is an open Threat Modeling platform that automates and supports creating threat models at design time.

Mobilicom

Mobilicom

Mobilicom is an end-to-end provider of cybersecurity and smart solutions for drones, robotics & autonomous platforms.

iomart Group

iomart Group

iomart is a cloud computing and IT managed services business providing secure hybrid cloud, network connectivity, data management, and digital workplace capability.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.

Hughes Network Systems

Hughes Network Systems

Hughes are industry leaders in networking technologies and services, innovating constantly to deliver the global solutions that power a connected future for people, enterprises and things everywhere.

Cyberagentur (Cyber Agency)

Cyberagentur (Cyber Agency)

Cyberagentur is the Federal Agency in Germany for innovation in cybersecurity. Our mission is to advance research and groundbreaking innovations in the field of cybersecurity and related technologies.