Infographic

What do evolving cybersecurity trends mean for your company?

Are your controls keeping up with rapidly changing cybersecurity threats?

August 05, 2024

Key takeaways

The cybersecurity environment is extremely volatile for middle market companies.

Controls and strategies must evolve to keep pace with emerging threats.

Understanding trends can help you develop a proactive cybersecurity approach.

#
Risk consulting Cybersecurity consulting Cybersecurity

The cybersecurity risk environment is more volatile than ever. Between cybercriminals having more tools in their arsenal and threats emerging from ongoing geopolitical conflicts, no company is immune to a potential breach. In addition, the rise of artificial intelligence innovations is a double-edged sword—companies can use AI to detect threats faster. However, hackers can also use the technology to launch more attacks much more efficiently.

Your cybersecurity controls must develop and mature to keep pace with evolving threats, and insight into current trends is critical for developing your strategy. The RSM US Middle Market Business Index Special Report: Cybersecurity 2024 recently detailed cybersecurity challenges, as well as actions companies are taking to combat emerging and ongoing risks.

Data breaches illustration

Breaches are at a record high

28%

of middle market executives said they experienced a data breach last year, matching the highest number in the RSM survey’s history (2021).

20%

reported suffering a breach in 2023.

Cyber insurance is increasing in popularity

Cyber insurance illustration

76%

of companies that report having a cyber insurance policy is also a record high in RSM research.

68%

of companies said they had a policy in 2023.

Staffing challenges illustration

Staffing remains a challenge

61%

have two or fewer data security/privacy employees.

34%

of smaller middle market companies have no internal data security/privacy employees, but 27% of those use external providers for data security services.

Companies are focusing on digital identity

Digital identity

31%

of companies provide access as needed.

24%

give a single identity to access systems.

22%

use disparate usernames and passwords.

11%

say passwords are a thing of the past.

Third-party risk strategy illustration

Third-party risk strategies are evolving

64%

of executives regularly evaluate cybersecurity controls at third parties.

58%

include service-level agreements and other data and security controls in contractual agreements.

53%

use governance, risk and compliance or other third-party risk management tools.

50%

include critical third parties in business continuity and disaster recovery planning.

Migration to the cloud is continuing

Digital identity

55%

of respondents reported migrating to the cloud as a result of security concerns in the past year.

89%

of executives say they feel more secure with their data in the cloud.

50%

of companies said they moved to the cloud for security reasons in 2023.


Managing cybersecurity threats has always been challenging, but as hackers become more nimble and broaden their scope, an already difficult task has become even more complex. However, by understanding how risks are evolving and where your business may be vulnerable, you can develop a more proactive cybersecurity approach.

Cybersecurity 2024 special report

Our annual insights into cybersecurity trends, strategies and concerns shaping the marketplace for midsize businesses in an increasingly complex risk environment.