intelligent

Robert Sugrue , Cybersecurity Product Director at Six Degrees

products and skills . While large businesses are in the more advantageous position to be able to improve their cybersecurity postures , with budgets to upgrade their security tools and expertise , the less prepared mid-market enterprises are left exposed to significant risk as they become the targets for threat actors .

Risk levels for mid-market enterprises

A recent study by Barracuda Networks offers a bleak outlook for mid-market enterprises , revealing that organisations with fewer than 100 employees are 350 % more likely to be victims of cyberattacks . Their more limited budgets and resources offer inadequate detection and response levels to keep them a step ahead of their intelligent threat opponents .

In today ’ s cyberthreat landscape , with a 100 % chance of being targeted , organisations must assume they will be compromised at some point . The dramatic evolution in corporate networks has created security vulnerabilities which are obvious to threat actors .

In the event of a successful breach , even heavy financial compensation is unlikely to make up for reputational damage and loss of customer trust incurred by victims , not to mention business disruption or unplanned downtime caused as a result . This means prevention is better than cure .

Cyber-risk insurance isn ’ t a solution increases or put firms at higher risk of a payout being denied , all at a time when global advisors are reaching out to businesses to not pay ransoms at all .

Since data is arguably their most valuable asset , it ’ s critical for mid-market enterprises to make cybersecurity a business priority and maximise defence for their increasingly borderless networks .

Proactive cybersecurity strategies can minimise mid-market enterprise risk

Mid-market enterprises are realising that cybersecurity strategies must rank top of the agenda . By adopting a proactive cybersecurity strategy which includes effective staff training , working with security experts and simulating breaches to test defences , businesses can bolster their defences and guard valuable data to avoid the worst happening :

Building a strong culture of security throughout the organisation is one of the most effective ways to reduce risk . Increasing employee vigilance is critical to detecting suspicious behaviour in order to avoid them clicking on infected links and phishing emails . It only takes one employee to click on the link for the attackers to be within the network . The most effective way to embed a culture of cybersecurity is through regular phases of training to ensure that workers don ’ t become complacent .

ORGANISATIONS WITH FEWER

THAN 100 EMPLOYEES

ARE 350 % MORE LIKELY TO BE VICTIMS OF

CYBERATTACKS .

With threat response levels among mid-sized enterprises being poor , a typical response might be to invest in cyber-risk insurance . However , this plays no role in defence itself and the liability cannot be transferred to the insurance company . For a data-first business , it doesn ’ t offer any reassurance against an attack and renders them an easy target for threat actors .

As with all insurance , there is also the risk of claims potentially being denied or payouts being smaller than needed to offset the business impact . Cyber insurance can also cause complacency : if the risk or threat has been removed in the short-term , there ’ s less immediate pressure to focus on long-term midmarket enterprise cybersecurity . Exposure and claims could cause further insurance premium

Core technology processes must be in place for all digital businesses to heighten security defences . This means a comprehensive review of how the business currently protects its users and systems to identify gaps and specific vulnerabilities . Effective network monitoring must be implemented which can detect abnormal behaviour and compromised email accounts . Threat responses should be automated to ensure the earliest response to suspicious activity . Maintaining cybersecurity updates to software and protocols as well as the latest detection tools is vital to keep pace with the ever-increasing intelligence of cybercriminals .

Assessing the business risk is vital . This means regular penetration testing and security assessments , which are an essential way