Security challenges: Five midsize IT leaders on where they need help

clock • 8 min read
Security challenges: Five midsize IT leaders on where they need help

From ransomware and malware to the Internet of Things, midmarket IT leaders are staring down a number of security threats, often with limited resources at hand.

When it comes to staving off the plethora of security risks facing businesses today, midmarket companies find themselves in a precarious position: They face the same threats as much larger companies but with fewer financial and technical resources to combat them.

Whether it's fear of ransomware, the need to mitigate the risks of insider threats or the proliferation of Internet of Things devices at home that now pose a threat through remote workers, IT executives at midmarket companies said they are staring down security challenges from all sides, and they are implementing a number of different tactics to do it.

"There's VPN, there's multifactor authentication, there's training and there's all these security things that are coming with this new paradigm shift of being able to do work [remotely]," said Herman Brown, CIO of the San Francisco District Attorney's Office.

The IT security landscape looks very different today than it did just a few years ago, said Paul Furtado, vice president, analyst, within Gartner's Midsize Enterprise Security practice.

"Three years ago, nobody foresaw that we'd be moving 100% of our workforce - for a lot of us - to a remote environment," Furtado said during a keynote address at the MES IT Security conference in Indianapolis last week, an event produced by Computing parent The Channel Company.

"We're now starting to see trends where companies are bringing folks back into the physical facilities, back into the offices, but the reality is we always have to have a level of hybrid work in our environment. If we don't, it's going to impact our ability to retain, and in some cases, even attract talent."

In addition, bad actors are moving more quickly to weaponize any tool or vulnerability they can use to their advantage, Furtado said.

"ChatGPT, OpenAI, those types of tools, they're now bringing low-code/no-code malware development to the masses. The frequency of attacks is going to get worse," Furtado said. "That doesn't necessarily mean they're going to be more successful, but we've got to be paying attention to that because you know that guy you [angered] that didn't like his last [performance] review? He now has a tool, even though he's not a developer, that can generate some malware for him, and he can use it to attack your organization."

Jennifer Follett, editor of Computing's sister title CRN, spoke with several IT leaders at the event about what security challenges they're facing and the areas where they need help. Here's what they had to say.

You may also like
Regulators block Meta from training AI on user data

Artificial Intelligence

UK and EU authorities have told Meta to pause plans to train LLMs on Facebook and Instagram data

clock 17 June 2024 • 2 min read
US and Europe dismantle global botnets and arrest key players

Law

Operation Endgame was 'the largest ever operation against botnets'

clock 31 May 2024 • 3 min read
Microsoft vows to overhaul security, tie executive pay to performance after string of breaches

Security

'We are making security our top priority at Microsoft'

clock 07 May 2024 • 3 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

Microsoft June Patch Tuesday has fixes for Windows, Outlook and SharePoint

Microsoft June Patch Tuesday has fixes for Windows, Outlook and SharePoint

A relatively quiet month

John Leonard
clock 12 June 2024 • 2 min read
Cloud encryption rates are disastrously low, research

Cloud encryption rates are disastrously low, research

Come on in, the door's open

John Leonard
clock 05 June 2024 • 2 min read
Remote working: We're on top of defending WFH, say IT leaders

Remote working: We're on top of defending WFH, say IT leaders

'Security has been moved to devices rather than offices meaning all have the same protections'

John Leonard
clock 31 May 2024 • 3 min read