Insider threat the major security concern?

Node4’s Mid-Market IT Priorities Report 2024 reveals a detailed picture of the cyber security landscape across UK mid-market companies, exploring confidence levels in the face of rising attacks, cyber security solution adoption trends and barriers to successful cyber security policy implementation

  • Tuesday, 20th February 2024 Posted 9 months ago in by Phil Alsop

Node4’s Mid-Market IT Priorities Report 2024 reveals the top ten mid-market cyber security threats for the next 12 months, as set out by the sector’s IT decision-makers. Top of the list is insider threat, followed by AI-related threats, ransomware, deep fakes and malware. The second half includes DoS attacks, supply chain attacks, phishing, zero-day attacks and scams/fraud.

Commenting on the findings, Paul Bryce, Managing Director at Node4, notes: “The high level of concern around insider threats could be attributed to the large number of job transitions and redundancies over the past 12 months, coupled with the growing reliance on contractors to address IT and cyber security skills gaps. It might also be linked to long-term, security-related worries, flexible working and the increased potential for cyber attacks on a distributed workforce.”

Node4’s new research also points to significant adoption of pre-crime and preventative cyber security measures, with around 40% of respondents stating they currently have dark web intelligence and incident response capabilities — suggesting a growing level of maturity in cyber security policy adoption across the mid-market.

Perhaps linked to the above findings, the report reveals a high degree of optimism surrounding cyber security defence capabilities. Over three-quarters of IT decision-makers said they were confident in their organisation’s ability to prevent and respond to cyber-attacks, despite the research being conducted at a time of increased cyber security attacks aimed squarely at small and mid-sized organisations. Breaking down these results by vertical sector, IT decision-makers working in private healthcare were the most confident, while those in retail were least so.

It is worth sounding a note of caution here. Over a quarter of respondents told us they believe AI could expose their organisation to new cyber security risks in the future, and that dealing with AI-related threats is their top priority for the next 12 months. Further, around one-third of compliance challenges identified by respondents in this research are directly linked to IT security and cyber security risk mitigation — pointing to the ongoing complex issues at play in ensuring secure remote access to corporate data. Taken together, these findings indicate now is not the time for complacency, and the mid-market’s IT decision-makers need to double down on their proactive, vigilant cyber security stance.

Less than 15% of mid-market IT decision-makers manage cyber security defences with internal staff, while over a third outsource to managed service providers. Meanwhile, the majority rely on a combination of in-house resources and their MSP. This could explain why nearly a quarter of respondents said the need to enhance data security and compliance was driving their digital transformation efforts.

Paul Bryce concludes: “Our findings show that many mid-market organisations are working hard to implement more mature and effective cyber security measures, which is encouraging given that the combined impact of lower budgets, fewer resources and a shortage of in-house skills could easily hamper these efforts. However, around a quarter of respondents stated that a lack of suitable services from cloud providers, primary tech partners and MSPs was a principal barrier to doing so. This suggests the mid-market relies increasingly on third-party support to do the heavy lifting for its cyber security strategy implementations — and will lean on it to an even greater degree as cybercriminal threats become even more complex, harder to spot and difficult to repel.”  

The promise of AI is on every biopharma’s radar, but the reality today is that much of the industry is grappling with how to convert the hype into...
IT teams urged to resolve ‘data delays’ as UK executives struggle to access and use relevant business data.

‘Playtime is over’ for GenAI

Posted 4 days ago by Phil Alsop
NTT DATA research shows organizations shifting from experiments to investments that drive performance.

GenAI not production-ready?

Posted 4 days ago by Phil Alsop
Architectural challenges are holding UK organisations back - with just 24% citing having sufficient governance to implement GenAI.

AI tops decision-makers' priorities

Posted 4 days ago by Phil Alsop
Skillsoft has released its 2024 IT Skills and Salary Report. Based on insights from more than 5,100 global IT decision-makers and professionals, the...

The state of cloud ransomware in 2024

Posted 4 days ago by Phil Alsop
Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security realm.
Talent and training partner, mthree, which supports major global tech, banking, and business clients to build job-ready teams, has revealed the...

AI innovation is powering the Net Zero transition

Posted 4 days ago by Phil Alsop
Whilst overall AI patent filings have slowed, green AI patent publications grew 35% in 2023.