Medium-sized enterprises, often with small groups and limited IT budgets, need to invest in people, processes, and technologies to protect themselves from digital threats, Patrick Long, chief analyst, said Gartner on the second day of the Gartner Security & Risk Management Summit India.
“Medium-sized business leaders face the daunting challenge of using limited resources… they must prioritize staying current and working diligently to protect the organization and manage risk effectively,” Long said.
Due to budget constraints, 57% of medium-sized businesses do not have a comprehensive information security manager (CISO). These organizations usually have less than 30 members in their IT teams which means less focus on security professionals.
According to Gartner, medium-sized businesses face security risks from five major sources – cybercriminals, intruders, fraudsters, criminals and the state/government.
To overcome these risks, midsize security leaders need to invest vigorously in the technology and tools needed to reduce threats. For teams, where hiring a full-time CISO is not possible, IT leaders can opt for alternatives such as visual CISOs or outsourcing.