Industry’s First and Most Comprehensive Research Study on Mid-Market Sector Cyber Security Reveals 490% Increase in Likelihood of Breach by End of 2021
November 2021 by Coro
Coro, the all-in-one cyber security platform designed for mid-market organizations, growing businesses, and lean IT teams, today released an extensive cyber security research report revealing a true market failure: a severe lack of preparedness of the mid-market sector, which is comprised of companies with between 100 and 1,500 employees, to defend against an expanding array of cyber attacks. Pandemic-induced digital transformation, including remote work, proliferation of devices, and increased cloud application usage, has fueled the rapid emergence of a much broader expanse of assault types than anything seen pre-pandemic, including malware and ransomware attacks via cloud applications and email, endpoint malware, Wi-Fi phishing and insider threats. Report results show that mid-size companies are largely unprotected due to the fact that they lack the immense team resources,expensive products, and expertise needed to protect against these increasing attacks, as the cyber security market has evolved mainly to serve large enterprises — and yet, the mid-market sector is getting hit by cyber attacks with a frequency and sophistication on par with large enterprises.
“While we’ve seen broader-reaching protection developed for the large enterprise, the cyber security industry is not prioritizing mid-market needs. Now, growing businesses remain entirely exposed in the face of truly unprecedented levels of cyber attacks, which are rapidly increasing not only in volume and sophistication but also in range and lethality,” said Guy Moskowitz, CEO of Coro. “The market has failed to protect these essential businesses, and Coro is addressing this issue by providing comprehensive, enterprise-grade cyber security protection priced and engineered specifically for mid-size companies.”
The research report is based on the examination of over 4,000 mid-size companies across the retail, manufacturing, professional services, healthcare, transportation, and education industries. Findings show that the mid-market sector is not equipped to handle the current cyber climate:
• The vast majority of mid-market organizations are in the dark when it comes to detecting attacks and completely defenseless when it comes to warding them off. Email malware attacks have increased 154% between 2020 and 2021, but only 1% of mid-size companies have email malware protection in place in 2021 — with 88% of that number having misconfigured the protection settings. The numbers fare even worse for lesser known attacks such as Wi-Fi phishing, which have increased 203%: less than 1% of mid-size companies have any kind of Wi-Fi phishing protection in place and those who do have a misconfiguration rate of 90%.
• The number of attacks on mid-market organizations in every sector increased by at least 50% between 2020 and 2021. Healthcare and transportation stand out as the fastest-growing sectors, with attacks increasing over 125% between 2020 and 2021. Attacks in retail, manufacturing, and professional services nearly doubled, increasing between 86% and 90%. These increases demonstrate a broad shift, as this caliber and volume of attacks were previously targeted mainly at large enterprises, but are now being launched at mid-size companies.
• Targeted, customized attacks are quadrupling, while insider threats have doubled: In 2021, the proportion of naïve attacks — the least sophisticated attack type — dropped from 86% to 68%, while customized attacks and insider threats — both targeted attacks that are the most lethal and damaging — are expanding 4x and 2x respectively, revealing bad actors’ ability to scale more intelligent assaults against a broader range of organizations.
• Mid-market organizations are as much as 490% or more likely to experience a security breach by the end of 2021 as they were in 2019. The growth of cyber attacks and the increase in threat vectors targeting mid-size companies since the start of the pandemic, combined with the failure of the security industry to provide viable security solutions geared toward the mid-market sector and the widespread misconfiguration of the few security solutions that have been deployed, have resulted in an alarming increase in the likelihood of experiencing a devastating breach.
In light of the report’s conclusions, Coro has committed to providing tools and financial programming to make enterprise-grade cyber protection accessible to mid-size businesses. To that end, Coro has unveiled its new Easy Upgrade Program, a first-of-its-kind cyber security financing program. The new initiative provides financing options that enable companies currently locked into contracts with legacy security solutions to upgrade to Coro’s all-in-one platform immediately with no upfront cost, thereby not requiring additional budget.
Coro has also introduced its next-generation all-in-one cyber security platform. With a new user interface, faster set-up, expanded features, and AI automation, the Coro next-gen platform provides comprehensive security across all endpoints, protecting users, cloud applications, email, devices, and data. The platform is built on the principle of non-disruptive security and leverages AI and machine learning to automatically find and fix most known cyber threats and vulnerabilities. Coro saves lean IT teams time, energy, and resources by surfacing only the issues that require human intervention - the platform’s newly released 1-click resolveTM feature allows IT to then solve most issues with a single click.
“Our next-generation platform is our answer to a significant hole in the current market - a holistic, affordable security tool that offers maximum protection with minimal involvement. We’ve removed the extra steps, and there are no logs to pore over and no need to balance between multiple tools and integrate disparate systems,” said Carmel Domshlak, co-founder and chief scientist at Coro. “Here, everything is in one place, and Coro AI anticipates risk to take care of the majority of issues without IT ever having to intervene.”
"Coro provides our organization, and by default the communities that we serve, with comprehensive protection and real-time alerting we need to defend against cyber security threats," said Eddie Drachenberg Jr., director of IT at O’Neill Healthcare. "With Coro, I have had the confidence and ability to continuously train our employees on proper methods of encrypting email, including PHI/PII/PCI data, by leveraging its DLP alerts and reporting. I was pleasantly surprised to discover that Coro not only alerts against phishing and ransomware email threats but also allows me to create rules to prevent further attacks. Coro has proven a great step in the right direction for O’Neill Healthcare’s cyber security needs."
Coro has experienced 300% year-over-year growth for each of the past three years and has also recently expanded its advisory, now joined by Barmak Meftah, former CEO of AlienVault and former AlienVault senior executives Roger Thornton and Russell Spitler.
“Mid-size and growing businesses clearly bear the brunt of cyber security attacks, and yet many don’t have the budget or expertise to fully secure their assets, relying on either outdated, incomplete off-the-shelf solutions or fragmented security strategies,” said Barmak Meftah, former CEO of AlienVault. “Enter Coro, the only cyber security solution on the market that has broken through the barriers of price, complexity and IT resources that nearly every mid-size business faces, with an all-in-one platform that automatically discovers and addresses the vast majority of cyber threats.”