Huntress Research Survey Pulls Back Curtain on Security Threats to Mid-Sized Businesses

61% of mid-sized businesses do not have dedicated cybersecurity experts

Columbia, Maryland


ELLICOTT CITY, Md., March 15, 2023 (GLOBE NEWSWIRE) -- Huntress, the managed security platform for small and mid-market businesses (SMBs), today released the findings of its State of Cybersecurity for Mid-Sized Businesses in 2023 survey, revealing cyber security challenges faced by the mid sized businesses across the United States and Canada that comprise 99% of all businesses.

Aimed to gain insights into organizational structure, resources and cyber security strategies, the results contextualize challenges across core functions including gaps in toolkits, planning, staffing, security awareness training and difficulty to secure cybersecurity insurance. Most notably, Huntress found:

  • 49% of mid-sized businesses plan to budget more for cyber security in 2023
  • In the last twelve months, 24% of mid-sized businesses have suffered a cyber attack or are unsure if they have suffered a cyber attack
  • 61% of mid-sized businesses do not have dedicated cybersecurity experts in their organization
  • 47% of mid-sized businesses do not currently have an incident response plan
  • 27% of mid-sized businesses reported having no cyber insurance coverage

“In some regards, this research tells a virtual ‘Tale of Two Cities’ for mid-size and smaller businesses. Many report solid progress in strengthening their cyber defenses, while others acknowledge they face significant gaps in resources and talent that substantially increases their cyber risk,” commented Kyle Hanslovan, chief executive officer of Huntress. “That’s why we focus on delivering solutions that scale to their specific size and circumstance to close these vulnerability gaps.”

The full report can be found here.

Mid-Sized Businesses Struggle to Implement Security Basics
Mid-sized businesses are increasingly aware of the need for layered cybersecurity strategies. However, more tools doesn’t necessarily equal more protection. Research showed a large portion of respondents weren’t deploying threat monitoring, endpoint detection and response, vulnerability scanning, patch management or network detection and response. Perhaps most alarming, 47% of respondents reported their organization does not currently have an incident response plan, which puts the organization at a severe disadvantage for quickly and effectively fighting off security incidents when they occur.

Beyond lacking necessary security solutions, mid-sized businesses also struggled to implement basic training measures and recruit the necessary staff. In fact, 61% of respondents say they do not have dedicated cybersecurity experts in their organization and only 9% say their workers adhere to security best practices. These gaps create major obstacles when fighting off the cyberattacks in today’s advanced threat landscape as the fewer defenders there are to bolt the door shut, the more paths there are for cybercriminals to get through the defenses. While this challenge permeates throughout businesses of all sizes, mid-sized companies are often strapped for money and resources, making it more difficult to effectively recruit and retain the talent they desperately need.

Poor Security Fundamentals Manifest into Cyber Insurance Difficulties
Mid-sized organizations are feeling the residual effects of their security gaps when going through the process of securing cyber insurance. While the demand for cyber insurance is increasing, it’s becoming harder to secure because the fundamentals aren’t being adequately met. Findings showed that while 69% of respondents reported they are required to carry some form of cyber insurance, nearly 30% reported having no cyber insurance coverage, highlighting the immediate need to shore up cyber hygiene in order to lock in protection.

Survey Methodology
Virtual Intelligence Briefing (ViB) of Nashua, New Hampshire, conducted the research on Huntress’ behalf and targeted private sector businesses in the US and Canada with between 250 - 2000 employees across all industry sectors. Respondents were IT professionals at the manager, director and c-level within these organizations. The survey was conducted over two weeks in January 2023, with 256 companies in the United States and Canada participating.

About Huntress
Hackers are constantly evolving, exploiting new vulnerabilities and dwelling in IT environments—until they meet Huntress, a leading provider of cyber security solutions for the small and mid-size business community.

Founded by former NSA Cyber Operators—and backed by a team of 24/7 threat hunters—our managed security platform defends businesses from persistent footholds, ransomware and other attacks. The company’s solutions include managed endpoint detection and response (EDR), security awareness training, managed antivirus and MacOS security tools.

Huntress has grown to provide its cyber security solutions to more than 3,600 partners serving over 83,000 organizations and 1.8 million endpoints.

Huntress’ mission is to secure the 99% - the small and mid-size businesses that are the backbone of the nation’s economy. Learn more at www.huntress.com and follow us on social @HuntressLabs.

Media Contact
Katie Pesek
(703) 795-1928
pesek@merrittgrp.com