If you work for a midsized company—typically one with 100 to 999 employees, according to Gartner—it might be time to think about upgrading your cybersecurity protection.
A rash of reports in the past year say as much. The latest, from Coalfire Labs, found that for the first time midsized companies now experience the highest cybersecurity risk factors. The report found that while midsized companies have not improved in that area at all, large and small organizations improved significantly, leaving midsized companies trailing.
Other reports over the past year back up that claim. A Cisco report from 2018 found that midsized organizations struggle the most to adequately secure their environments. That report found that data breaches cost 20% of affected midmarket companies at least $1 million and result in 8 hours or more of system downtime.
A 2018 report from Osterman Research said that midmarket companies face the most difficult challenges from a security perspective—because they experience higher rates of attack than smaller companies and similar rates of attack as their larger counterparts. At the same time, they have fewer employees over which to distribute the cost of the security infrastructure.
Coalfire Labs Vice President Mike Weber attributes the shabby showing of midsized companies to several factors, including fast growth. He noted that midsized organizations often are becoming victims of their own rapid growth, where new solutions may not be configured optimally for secure operations, leaving the door open for cybersecurity risks.
Continuing migration to cloud computing also plays a role. With so many organizations adopting multicloud configurations, there is a struggle to get configurations right. Coalfire found that security misconfiguration was one of the biggest risks across organizations of all sizes, and that it was most prevalent in organizations with freshly developed or recently migrated cloud solutions.
"While cloud providers demonstrated a higher degree of security, their responsibility for securing the provided services stops at a point, and it’s the cloud customer’s responsibility to pick up from there," Weber said. "For example, a cloud provider can support your database on a robust and highly available platform with plenty of features to manage your big data set, but the cloud provider isn’t going to encrypt your data for you, or manage your API keys in your DevOps shop. Midsized organizations are fast-paced and dynamic, and technology changes can happen quickly."
Yet organizations of all sizes continue to experience plenty of breaches. According to the Coalfire report, the top five application vulnerabilities for 2019 are cross-site scripting, injection, security misconfiguration, password flaws and sensitive data exposure. Phishing continues to be a serious issue; in more than 70% of Coalfire Labs’ testing engagements, organizations experienced at least one full compromise of credentials. In 20% of those tests, about half of the targeted employees gave up their credentials.
It's also important not to discount insider risk, Weber said.
"In the majority of the organizations that included testing where we emulated an internal threat, we found very few instances where our access and activities, escalating privileges and gaining access to restricted data were detected and stopped," he said. "Only the most mature organizations were capable of defending themselves from that particular emulated threat."
