United States

RSM US Middle Market Business Index Cybersecurity Special Report 2020

The middle market has become ground zero for the cybersecurity threat


Get the full cybersecurity report

Middle market companies have increasingly become the primary target for cybercriminals, with data security incidents rising incrementally each year. Attackers have realized that large organizations have invested heavily in security measures, and the success rate does not often justify the effort. However, the middle market is big enough to yield significant results for hackers without having to contend with the mature controls of their larger rivals.

In addition, the COVID-19 pandemic has increased the complexity of cybersecurity challenges for the middle market. As the new distributed workforce has become even more dependent on the internet to remain productive, hackers are taking advantage of the crisis by unleashing a variety of attacks that larger organizations are often better equipped to address. And, in an unprecedented public health situation, where organizations must focus on employee safety and keeping the business running, cybersecurity processes require heightened attention.

“Unfortunately, during this historical pandemic, cyber thieves are preying on organizations,” commented Ken Stasiak, RSM principal. “As companies address the new normal, we may see a spike in security breaches over the next several months.”

Eighteen percent of middle market C-suite executives claimed that their company experienced a data breach in the last year, up from 15% in 2019 and over three times the percentage from just six years ago.

Beyond increasing threats of cyberattacks, the regulatory landscape continues to shift, providing higher levels of consumer protection in the United States and abroad. The European Union’s General Data Protection Regulation was implemented in 2018, governing how EU residents’ personal information is collected and stored. Domestically, similar individual state regulations quickly followed suit, with a Nevada law taking effect in October 2019 and California regulations becoming effective at the beginning of this year. Additional state laws will take effect this year.

What's inside the 2020 Cybersecurity Special Report?

  • The report includes in-depth analysis and benchmarking information about several key areas, including:
  • Evolving cyberthreats, and how companies can prepare
  • Information and data security
  • Cyber insurance
  • Ransomware attacks
  • Business takeover threats
  • Privacy protections compliance
  • Migration to the cloud to ensure data security

Download the full 2020 Cybersecurity Special Report

How can we help you?

Contact us by phone at 800.274.3978 or request more information by email. 

View past cybersecurity reports