The mid-market is tackling a high rate of costly attacks, compounded by complex, siled defenses and staff burnout

Mid-sized businesses in the UK suffered significant financial and operational damage from cyberattacks in 2021 and want to see a fundamental shift in how cybersecurity is designed and operated, research from Censornet reveals.

33% of mid-market businesses experienced an outage that took them offline for more than a day. Only half were able to prevent malicious attachments from reaching users’ inboxes. Surprisingly, 21% were forced to pay hackers to disable ransomware. As a result, the top wish for cybersecurity in 2022 was to see security vendors open up traditionally closed products to enable automated response to cyberattacks.

Gathering insights from 200 UK-based IT and security leaders, spanning ten different public and private sectors, the research explored the biggest attacks of 2021, the challenges facing the middle market and their investment plans in 2022.

“For the UK middle market, the cybersecurity situation is serious,” said Ed Macnair, CEO of Censornet. “The financial and reputational cost of cybercrime is rising, putting more pressure on overworked professionals, who process hundreds of alerts a day from siled point products. Organizations need to work smarter, not harder. It’s only when the security systems work together seamlessly, faster than humanly possible, that we’ll see the needle start to move in the right direction. »

Cyberattacks cause significant damage to midsize businesses

The report finds that despite concerted efforts to protect themselves, mid-market companies continued to feel the sting of cyberattacks in 2021 – often due to cross-channel attacks, which only 37% of companies believed they could prevent . These incidents were driven in part by the unintended insider threat: 17% of all respondents reported serious attacks after employees opened suspicious or malicious emails, with that number rising to 28% for companies with more than 51 million pounds.

Ransomware was also a particularly serious threat, with 69% of organizations feeling unable to protect themselves against it. Among those who suffered a ransomware attack and paid the ransom, the average payout was £144,000, with 7% of those handing over over £500,000.

These vulnerabilities are also getting worse as more and more workers work remotely. 51% of midsize businesses said they had not purchased cybersecurity products designed to specifically protect hybrid and remote workers from threats.

Overly complicated security leading to high levels of stress

Research reveals that organizations invest in a large number of point products to address their risk. The average number of security products managed in a single organization is 24. 27% manage more than 31 security products at a time.

As a result, on average per day, 716.4 cybersecurity alerts are generated. Each security professional has to investigate more than 35.3 security alerts per hour and only has 102 seconds to assess what constitutes a real threat. Not only that, but 38% of mid-market security personnel said they had received a call in the middle of the night to investigate a cybersecurity incident.

This flood of out-of-hours alerts and requests translates to 47% of professionals feeling overwhelmed, with that figure rising to 59% in the public sector. It’s not hard to see why: 9% of cybersecurity personnel say they’ve experienced sleep deprivation due to cybersecurity issues, with the average amount of sleep being 5.7 hours per night, considerably less than the seven hours or more recommended by the NHS.

Automation and integration are essential to improve the situation in 2022

In response to the challenges facing organizations, respondents indicated a clear need for fundamental change in the way cybersecurity is designed and managed over the next year.

46% want security vendors to open up traditionally closed products to enable automated response to cyber threats and/or cyberattacks. In line with these needs, 76% of organizations said they plan to invest in a cloud-based security platform that enables their security products to autonomously share security event data to better protect their organization.