Combating cyber risk in the midmarket

Midsize companies face a higher risk of cyberattacks. Here are some tips to help MSPs

Patrick O’Donnell, Senior Vice President of Sales for the Americas at Barracuda Networks.

Security experts have been telling the market for years that, when it comes to cybercrime, size doesn’t matter — any business, from a Fortune 500 company to a small local school district, can be a target. However, as large companies invest in more holistic cybersecurity solutions, criminals have turned to midsize enterprises (MSEs) as potentially lucrative targets. Security-centric MSPs should talk to clients in that category about specific ways to improve their cybersecurity posture.

Midsize firms can serve as a gateway for lateral attacks

MSEs (businesses with $15 million–$250 million in revenue and 200–2,000 employees) have caught cybercriminals’ attention because they are often connected to multiple other, larger companies’ supply chains or vendor networks, offering a backdoor to target other potential victims with lateral attacks. In addition, MSEs frequently have less robust security in place or undocumented vulnerabilities due to prior mergers or acquisitions.

According to Barracuda’s Cybernomics 101 report, roughly half (48 percent) of the companies with 100–750 employees described their cybersecurity posture as somewhat ineffective, as did 37 percent of companies with 750–2,000 employees. The median impact and recovery cost of IT asset damage ranged from around $50,000–$100,000 for the smaller MSEs to up to around $1 million or more for the largest MSEs. The average annual cost for small to midsize businesses to recover from a breach is $5 million. 

Fewer average attacks, but higher incident rates plague midsize firms

While a larger enterprise can absorb those costs, they could be crippling for these smaller companies. Midsize and smaller firms are also subject to more intensive phishing and other email-based attacks. While these companies report fewer average attacks, their mailboxes can be the target of as much as two to three times the number of incidents. 

How can MSPs communicate this risk and the necessity of taking the proper steps to secure their networks, applications, and data? As outlined in the Barracuda e-book on Cybersecurity essentials for medium-sized enterprises, several key strategies that should be reinforced with MSE clients include:

Invest in robust email protection: Email is the gateway for most attacks against MSEs. Security solutions like those offered by Barracuda prevent threats, detect and respond to attacks, and secure client data. That includes end-user education to help employees identify potential phishing emails through regular training and testing. Email scanning technology powered by artificial intelligence (AI) automatically scans incoming emails for suspicious content based on real-world email activity. Email encryption completes this approach by protecting sensitive information.

Maximize your resources: Investing in Extended Detection and Response (XDR) solutions, including bundled security operations center (SOC) services, enables MSPs to offer more advanced security solutions to a broader array of clients of all sizes without investing in acquiring and training new staff. XDR solutions can collect and automatically correlate data across email, endpoint, server, cloud, and network security layers, making threat detection faster and easier via automated analysis. Additionally, an XDR helps MSPs improve their detection and response metrics while improving accuracy and reducing the total cost of ownership for the MSP. An XDR also offers MSPs a single view of threat vectors across the entire client base, with access to a 24/7 SOC.

Secure all applications: Using a web application firewall (WAF) to monitor and filter traffic between the internet and web apps can block malicious requests. MSPs should also encourage regular software updates, patch management, and 24/7 monitoring of applications for suspicious activity to help identify unusual traffic or potential attacks. This should be augmented with a well-documented and tested incident response plan.

Make network security a priority: Perimeter security can be accomplished through approaches like secure access service edge (SASE), which consolidates security functions and centralizes cybersecurity management. A zero trust network access (ZTNA) approach only grants access to data and the network on a case-by-case basis, with credential verification. ZTNA provides a way to securely connect users regardless of location.

Protect data with reliable backup and recovery: Robust data backup and recovery solutions are a tried-and-true hedge against ransomware and other attacks. Data can be restored quickly and easily, provided you have established regular backup procedures. 

Conduct regular security assessments: MSE clients can benefit from penetration testing and assessments that help identify gaps and vulnerabilities. MSPs should offer these services to existing and potential clients. These reports can help kickstart conversations about possible solutions.

Purchase cyber insurance: Even the best cybersecurity solutions are not infallible; breaches may still occur. Companies are increasingly investing in cyber insurance policies to help protect them after a successful attack. However, these policies often require companies to establish well-documented security policies and technologies. Following the tips above can help put MSEs in an excellent position to obtain a strong policy at a reasonable cost.

Midsize enterprises are an attractive target for cybercriminals but present a significant opportunity for MSPs to help improve the security posture of such clients. With a targeted discussion outlining the high risk of an attack and the potential cost benefits of robust security, MSEs can be convinced to improve their cybersecurity practices while helping reduce risk.

Patrick O’Donnell is Senior Vice President of Sales for the Americas at Barracuda Networks.