Security challenges: Five midsize IT leaders on where they need help

clock • 8 min read
Security challenges: Five midsize IT leaders on where they need help

From ransomware and malware to the Internet of Things, midmarket IT leaders are staring down a number of security threats, often with limited resources at hand.

When it comes to staving off the plethora of security risks facing businesses today, midmarket companies find themselves in a precarious position: They face the same threats as much larger companies but with fewer financial and technical resources to combat them.

Whether it's fear of ransomware, the need to mitigate the risks of insider threats or the proliferation of Internet of Things devices at home that now pose a threat through remote workers, IT executives at midmarket companies said they are staring down security challenges from all sides, and they are implementing a number of different tactics to do it.

"There's VPN, there's multifactor authentication, there's training and there's all these security things that are coming with this new paradigm shift of being able to do work [remotely]," said Herman Brown, CIO of the San Francisco District Attorney's Office.

The IT security landscape looks very different today than it did just a few years ago, said Paul Furtado, vice president, analyst, within Gartner's Midsize Enterprise Security practice.

"Three years ago, nobody foresaw that we'd be moving 100% of our workforce - for a lot of us - to a remote environment," Furtado said during a keynote address at the MES IT Security conference in Indianapolis last week, an event produced by Computing parent The Channel Company.

"We're now starting to see trends where companies are bringing folks back into the physical facilities, back into the offices, but the reality is we always have to have a level of hybrid work in our environment. If we don't, it's going to impact our ability to retain, and in some cases, even attract talent."

In addition, bad actors are moving more quickly to weaponize any tool or vulnerability they can use to their advantage, Furtado said.

"ChatGPT, OpenAI, those types of tools, they're now bringing low-code/no-code malware development to the masses. The frequency of attacks is going to get worse," Furtado said. "That doesn't necessarily mean they're going to be more successful, but we've got to be paying attention to that because you know that guy you [angered] that didn't like his last [performance] review? He now has a tool, even though he's not a developer, that can generate some malware for him, and he can use it to attack your organization."

Jennifer Follett, editor of Computing's sister title CRN, spoke with several IT leaders at the event about what security challenges they're facing and the areas where they need help. Here's what they had to say.

You may also like
Malware campaign hijacks hundreds of thousands of browsers

Threats and Risks

Forcibly installs malicious browser extensions and alters core browser files

clock 12 August 2024 • 3 min read
Government orders review of tech sector shortages

Skills

Signals shift to curb overseas hiring

clock 09 August 2024 • 3 min read
Google strengthens Advanced Protection Program with passkey integration

Security Technology

To enroll in APP with a passkey, users need a compatible device and browser

clock 12 July 2024 • 3 min read
Most read
01

Ransomware targets London branch of China's ICBC

13 September 2024 • 2 min read
02

Teen arrested over TfL cyberattack

13 September 2024 • 3 min read
03

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

Microsoft offers advice on avoiding another CrowdStrike-style outage

Microsoft offers advice on avoiding another CrowdStrike-style outage

Vendors should minimise use of kernel mode, customers should make full use of integrated Windows security features

John Leonard
clock 29 July 2024 • 3 min read
'Gay furry hackers' breach conservative US think tank behind Project 2025

'Gay furry hackers' breach conservative US think tank behind Project 2025

Heritage Foundation calls group "degenerate perverts"

Tom Allen
clock 11 July 2024 • 2 min read
Why 'change' for the UK must include cybersecurity

Why 'change' for the UK must include cybersecurity

Labour needs to to get ahead and demonstrate a commitment to security from the outset

Rick Jones
clock 11 July 2024 • 4 min read