Insider Threat Tops List of Mid-Market Cyber Security Concerns
Skip to content

Insider Threat Tops the List of Mid-Market Cyber Security Concerns According To Node4’s New Independent Research 

DERBY 15th February 2024 – Node4’s Mid-Market IT Priorities Report 2024 reveals a detailed picture of the cyber security landscape across UK mid-market companies, exploring confidence levels in the face of rising attacks, cyber security solution adoption trends and barriers to successful cyber security policy implementation.

Launching today, Node4’s Mid-Market IT Priorities Report 2024 reveals the top ten mid-market cyber security threats for the next 12 months, as set out by the sector’s IT decision-makers. Top of the list is insider threat, followed by AI-related threats, ransomware, deep fakes and malware. The second half includes DoS attacks, supply chain attacks, phishing, zero-day attacks and scams/fraud. 


Commenting on the findings, Paul Bryce, Managing Director at Node4, notes: “The high level of concern around insider threats could be attributed to the large number of job transitions and redundancies over the past 12 months, coupled with the growing reliance on contractors to address IT and cyber security skills gaps. It might also be linked to long-term, security-related worries, flexible working and the increased potential for cyber attacks on a distributed workforce.” 

Node4’s new research also points to significant adoption of pre-crime and preventative cyber security measures, with around 40% of respondents stating they currently have dark web intelligence and incident response capabilities — suggesting a growing level of maturity in cyber security policy adoption across the mid-market.  

Perhaps linked to the above findings, the report reveals a high degree of optimism surrounding cyber security defence capabilities. Over three-quarters of IT decision-makers said they were confident in their organisation’s ability to prevent and respond to cyber attacks, despite the research being conducted at a time of increased cyber security attacks aimed squarely at small and mid-sized organisations. Breaking down these results by vertical sector, IT decision-makers working in private healthcare were the most confident, while those in retail were least so.  


With mid-market IT budgets tighter than ever, IT decision-makers are faced with the task of carefully aligning spend to the areas of business where it can deliver the biggest impact in 2024 and beyond. 

Access our Mid-Market IT Priorities Report for 2024 and get insight into the sentiments of over 500 IT decision-makers on crucial topics such as towards cyber threats, AI, data and compliance. Click the button below to download the report for free.



It is worth sounding a note of caution here. Over a quarter of respondents told us they believe AI could expose their organisation to new cyber security risks in the future, and that dealing with AI-related threats is their top priority for the next 12 months. Further, around one-third of compliance challenges identified by respondents in this research are directly linked to IT security and cyber security risk mitigation — pointing to the ongoing complex issues at play in ensuring secure, remote access to corporate data. Taken together, these findings indicate now is not the time for complacency, and the mid-market’s IT decision-makers need to double down on their proactive, vigilant cyber security stance.   

Less than 15% of mid-market IT decision-makers manage cyber security defences with internal staff, while over a third outsource to managed service providers. Meanwhile, the majority rely on a combination of in-house resources and their MSP. This could explain why nearly a quarter of respondents said the need to enhance data security and compliance was driving their digital transformation efforts.  

Paul Bryce concludes: “Our findings show that many mid-market organisations are working hard to implement more mature and effective cyber security measures. This comes at a time when lower budgets, fewer resources and a shortage of in-house skills are all having a significant impact. However, around a quarter of respondents stated that a lack of suitable services from cloud providers, primary tech partners and MSPs was a principal barrier to doing so. This suggests the mid-market relies increasingly on third-party support to do the heavy lifting for its cyber security strategy implementations — and will lean on it to an even greater degree as cybercriminal threats become even more complex, harder to spot and difficult to repel.”

The Mid-Market IT Priorities 2024 Report is based on a survey conducted independently and exclusively for Node4 by Censuswide. It reveals the views of 503 IT decision-makers across the private healthcare, transport, retail, finance and insurance sectors. The survey was conducted amongst Heads of IT, IT Directors, CIOs, CTOs and IT Managers in companies with 100-1,000 employees, with an equal split for each job title across each sector.

This year’s report also references data from the Mid-Market IT Priorities Report 2021/2022 and the Mid-Market IT Priorities Report 2022/2023. These reports surveyed 459 and 300 IT decision-makers, respectively — both covering the insurance, transport and logistics, healthcare, and online retail sectors.