Report: Mid-sized businesses are 490% more likely to experience security breach since 2019

Hear from CIOs, CTOs, and other C-level and senior execs on data and AI strategies at the Future of Work Summit this January 12, 2022. Learn more

According to a cross-industry mid-market security study by Coro, mid-sized businesses are as much as 490% more likely to experience a security breach by the end of 2021 than they were in 2019.

Today, mid-sized companies are getting barraged by cyberattacks as frequently as their enterprise counterparts. Yet unlike large enterprises, these smaller companies lack the budgets, resources, and expertise to protect themselves. Adding to that, the cybersecurity industry prioritizes large enterprise needs, leaving a dearth of cybersecurity tools geared toward the mid-market.

The study revealed that between 2020 and 2021, the number of attacks on mid-sized in every sector increased by at least 50%, with attacks in health care and transportation increasing by more than 125%.

Bar graph. Caption: Comparison of cyber attacks by industry between October 2020 and October 2021. Detailed results are written verbatim in the article itself.

Above: Comparison of cyberattacks by industry between October 2020 and October 2021

Image Credit: Coro

Additionally, cyberattack numbers tend to spike significantly as the holiday season approaches. In the last quarter of 2020, cyberattacks on mid-sized businesses across industries increased between 22% and 36% compared to the first eight months of the year, and increases are trending similarly for 2021. The sophistication of attacks has leveled up as well, the proportion of generic attacks — those involving no attempt to differentiate between targets — to more sophisticated schemes dropped from 86% to 68% from 2020 to 2021. Meanwhile, targeted and customized attacks that are significantly more damaging have quadrupled.

Prior to the pandemic, phishing and malware attacks were the predominant attack types. However, due to the digital transformation, mid-sized companies went through over the last two years, a broader range of cyber assaults has since emerged, and every type has grown significantly between 2020 and 2021. Bot attacks have increased by 238%, Wi-Fi phishing by 203%, malware in cloud applications by 180%, malware via email by 154%, malware delivered via endpoints by 156%, and insider threats by 132%.

To exacerbate the situation, most mid-sized…