RSM US special report shows middle market firms increasing spend dedicated to cybersecurity; percentage of firms with cyber insurance reaches record high.
- 28% of middle market executives reported their company experienced a data breach in the last year, matching a record high set by the 2021 RSM survey results.
- 30% of executives reported having at least one ransomware attack or demand in the last 12 months.
- A record-high 76% of executives said they carry a cyber insurance policy, up from 68% a year ago.
- 37% of executives plan to increase the proportion of their organization's revenue devoted to cybersecurity in the next year.
Cybersecurity attacks continue to be a significant risk for middle market companies as the increasingly complex threat environment includes emerging technologies such as generative AI, according to the RSM US Middle Market Business Index Special Report: Cybersecurity 2024, presented by RSM US LLP in partnership with the U.S. Chamber of Commerce. The report also highlights a sense of complacency among many companies amid fatigue after consistently hearing about risks and attacks for several years, but notes that firms must remain vigilant to protect sensitive data and ensure sustainable operations.
"The cybersecurity landscape is complex and cyber threat actors are relentless," said Tauseef Ghazi, national leader of security and privacy with RSM US LLP. "This year's survey data is telling us that while middle market firms are taking cybersecurity seriously, they may also be feeling a little complacent. Now is not the time to get complacent."
The MMBI data shows that 28% of middle market executives reported their company experienced a data breach in the last year, matching a record high set by the 2021 RSM survey results. Reported breaches at smaller middle market firms ($10 million to less than $50 million in revenue) rose to 20% from 12%, and breaches at larger companies ($50 million to $1 billion in revenue) increased to 37% from 28% since last year's survey. Though breaches were up, 95% of survey respondents indicated they are confident in their current security measures.
