The RSM US Middle Market Business Index (MMBI) Cybersecurity Special Report maintains middle market firm cybersecurity threats are multidirectional, with more skilled criminals targeting the segment.
RSM US LLP (RSM) partnered with the U.S. Chamber of Commerce to craft the analysis. The number of breaches reported in the last year among middle market companies slightly decreased with protections becoming more available and executives understanding the consequences related to potential incidents.
“The middle market encountered a roller coaster of risks in the last year, from lingering threats related to the COVID-19 pandemic to geopolitical conflicts and economic uncertainty,” RSM US LLP Security and Privacy Services National Leader Tauseef Ghazi said. “The small drop in reported breaches is encouraging, and we largely attribute it to middle market companies beginning to implement better identity and access management controls. Yet, even with the decline in reported attacks, companies recognize the risks posed by the current dynamic threat environment, with 72 percent of executives anticipating that unauthorized users will attempt to access data or systems in 2022, a sharp rise from 64 percent last year and the highest number since RSM began tracking data in 2015.”
Survey respondents revealed a decrease in ransomware attacks and demands for the first time since RSM began collecting such data in 2018, indicating that 23 percent of middle market executives noted they experienced a ransomware attack or demand in the past year.
“We see businesses of all sizes encountering cyber threats, such as ransomware attacks,” U.S. Chamber of Commerce Vice President of Cyber Security Policy Matthew Eggers said. “With the ongoing Russia-Ukraine conflict, the U.S. homeland and national security communities are urging businesses to take steps to protect their networks and partner with the government.”