Mid-Market's future

If it's left behind the cybersecurity curve
The threat faced by mid-market organisations is huge and growing.

Yet, they do not always have access to the same level of protection as enterprises – even though the impact of a breach is often worse for smaller businesses.

Enterprises enjoy the latest cyber security solutions, which are managed by a team of skilled and highly trained cybersecurity professionals. Unfortunately, the same cannot be said for mid-sized organisations, which often make do with unsatisfactory products or a patchwork of point products that provide an ineffective defence. Some don’t have any defences at all.

43% of mid-market owners have no cybersecurity defence plan in place

An “alarming number of small businesses in the UK and US are not prepared for a potential cyber-attack or breach”. A study published in 2020 found that 43 percent of mid-market owners have no cybersecurity defence plan in place, leaving sensitive financial, customer and business data, at “significant” risk. One-third of companies with 50 or fewer employees admitted using free, consumer-grade cybersecurity, whilst one in five companies did not employ endpoint security solutions.

Mid-Market Security Solutions

There is hope for the mid-market yet. Thanks to the advent of extended detection and response (XDR) platforms and other systems which incorporate several different services into one unified solution, the mid-market is now beginning to gain access to enterprise grade security. Gartner described XDR as a “unified security and incident response platform that collects and correlates data from multiple proprietary components”.

It continued: “The platform-level integration occurs at the point of deployment rather than being added in later. This consolidates multiple security products into one and may help provide better overall security outcomes. Organisations should consider using this technology to simplify and streamline security.”

XDR has a clear benefit for mid-size businesses because it is more cost-effective than older solutions whilst offering significant performance benefits. When analysts from ESG asked security professionals about the threat detection and response systems, most said they were using security information and event management (SIEM). However, 57 percent said they have “struggled with issues” when using their SIEM, saying it was too expensive, required specialised resources and often led to an overload of data.

1/3 of companies with 50 or fewer employees admitted using free, consumer-grade cybersecurity

However, when ESG spoke with early adopters of XDR, they said it allowed them to spot a compromise in a shorter space of time due to the greater visibility it offers. The automation XDR provides would require the equivalent of eight full-time staff, ESG found, meaning it works like “a modern SOC-in-a-box”. This should be music to the ears of mid-sized businesses, for whom a fully-fledged Security Operations Centre may be out of reach.

A SOAR Point

It’s not just SIEM that has been found lacking. That other mainstay of security, SOAR (security orchestration, automation, and response), is lacking too. “SIEMs provide visibility, but they lack the orchestration and automation required to decrease response times,” wrote Al Huger, Senior Vice President and General Manager of Cisco’s Security Platform & Response organization for Cisco Secure.

“SOARs provide automation, but correlation is not straightforward and requires a lot of expertise. Neither option provides built-in response functionality. While larger companies can afford to do the lengthy process of calibrating and maintaining these solutions over time, it’s not possible for resource and time-constrained teams.” Which means that these solutions will not give mid-market companies the protection they need. On the other hand, XDR can provide an effective security posture whilst reducing costs and offering an integrated, unified platform that removes complexity.

The elusive dream of XDR is around the corner for the mid-market. The ability to protect the largest attack surface – web and email – by incorporating cloud, web, email, data loss prevention (DLP) and identity protection into one unified solution is here. It also acts autonomously – moving security from reactive to proactive, allowing services to respond to new threats and adapt to changing circumstances.

For the mid-market the “SOC in a box” promise is in reach. It’s Autonomous Extended Detection and Response – aXDR.

 

More in Cloud Security
The challenges of browser security
The challenges of browser security

Thousands of policies to consider, while only a few are enforced.


The impact of migrating to the cloud
The impact of migrating to the cloud

How the cloud has become an extension of your attack surface, and how to secure it.


2025 cyberthreat predictions
2025 cyberthreat predictions

Expert insights from Barracuda’s security frontline.


Tired of playing whack-a-mole with cyber threats?
Tired of playing whack-a-mole with cyber threats?

Why incremental cyber security fixes don’t work.


How to use AI to combat new cyberthreats
How to use AI to combat new cyberthreats

Efficiently empower defenders and disarm intruders.


Uncovering M365’s security blind spots
Uncovering M365’s security blind spots

How to create a truly agile and secure M365 environment.


The business value of Microsoft Surface
The business value of Microsoft Surface

Simplify management of your users' devices.


Weighing up Microsoft Surface?
Weighing up Microsoft Surface?

IDC research paper into the business case.


Empower your teams to do anything, anywhere
Empower your teams to do anything, anywhere

Best-in-class devices. Zero touch provisioning.


How scalable is your digital transformation?
How scalable is your digital transformation?

Three ways Microsoft Surface is an ideal platform for retail digital transformation.


The second wave of digital transformation
The second wave of digital transformation

How Surface helps retailers navigate it.


How technology helps retailers meet sustainability goals
How technology helps retailers meet sustainability goals

What makes digital solutions the perfect option.


Share this story

We're a community where IT security buyers can engage on their own terms.

We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.

Interested in what you see? Get in touch, and let's start a conversation Get in touch