Tuesday, April 7, 2026
Latest:

Threatshub.org sponsored-Post

The Register

Too big to ignore, too small to be served: the midmarket security gap

TH Author

Partner Content The midmarket matters. JP Morgan estimates approximately 300,000 organizations generating $13T in annual revenue. Yet they occupy an awkward position in the security landscape. They’re large enough to be attractive targets with complex digital estates, significant revenue, and valuable data, but not large enough to have the headcount, budget maturity, or tooling sophistication of an enterprise security team.

Their risk profile warrants enterprise-grade defenses, yet those platforms weren’t designed with them in mind, but they’ve also outgrown tools for small businesses. They are, as Intruder’s new report puts it, “the security middle child”.

Intruder surveyed more than 500 senior security decision-makers at companies with 400-6,000 employees across the US and UK. Confidence is high across the board, but the operational data tells a different story. Teams are under strain despite growing headcount, while a fragmented tech stack adds noise rather than clarity. Conversations about cyber risk aren’t making it to the boardroom.

Here are three findings from the report. Want the full picture? Download the Security in the Middle report for free.

Confidence is unevenly distributed

Ninety-four percent of respondents say they’re confident in their ability to identify and remediate critical risks before attackers can exploit them. But when asked how long it would take to assess exposure to a critical zero-day, 51 percent said approximately a week. In a threat environment where exploitation routinely follows disclosure within 24 to 48 hours, that’s not a comfortable margin.

Dig deeper and the confidence is unevenly distributed. Among C-level respondents, 65 percent say they’re very confident. That figure drops to 55 percent among directors, 46 percent among senior managers, and just 36 percent among middle managers. The closer you are to the actual work, the less certain you are that it’s working.

The operational data suggests why: 28 percent cite lack of visibility into what’s exposed as a top challenge, 18 percent are still tracking internet-facing assets manually, and 9 percent are running multiple cloud environments without a unified view of risk. For a significant portion of midmarket teams, confidence isn’t rooted in visibility; it’s rooted in not knowing what they’re missing.

Organizations are addicted to tools

Midmarket security stacks are fragmented, and getting more so. Forty-four percent of teams have either outgrown their stack or stitched it together from point solutions that don’t provide a unified view.

The cost shows up clearly in the operational data. Twenty-six percent cite navigating too many tools as a top challenge, 24 percent cite too many alerts with poor prioritization, and 20 percent say they can’t effectively measure or report on their cyber hygiene. The stack isn’t just complex; it’s getting in the way. And with 33 percent planning to add more solutions this year, it’s more likely to deepen than resolve.

Underpinning all of this is a vendor market that was never really built for these organizations. Forty-six percent say enterprise platforms assume more staff, budget, or complexity than they can support, while 29 percent say SMB tools no longer meet their needs. Midmarket teams aren’t failing to choose the right tools. Instead, the right tools largely haven’t existed for them.

Boards at midmarket companies aren’t discussing cyber risk

Despite growing digital estates and stretched teams, cyber risk remains largely below the boardroom in midmarket organizations. Just nine percent discuss it at board level; 34 percent reach executive leadership; the majority (51 percent) keep the conversation at security or IT leadership only, and 7 percent confine it entirely to the security team.

UK respondents are more than twice as likely as their US counterparts to report board-level discussion (14 percent vs 6 percent), a gap that may reflect the influence of UK regulatory frameworks such as NIS2 and FCA cyber resilience requirements. External pressure is doing what internal advocacy struggles to achieve.

Without board-level visibility, there’s limited pressure to confront the problems this report describes. As digital estates grow rapidly, stretched teams reach for more tools. Those tools create more noise, which makes it harder to see what’s actually exposed. The problems reinforce each other.

Middle market companies have a lot more to say

Intruder’s Security in the Middle report shares insights on how headcount is holding up as estates scale; which sectors are under the most pressure; how investment priorities are shifting and whether they map to the problems teams actually face; and what the data reveals about AI adoption across midmarket security teams.

Benchmark your organization against 500+ peers. Get the full Security in the Middle report (it’s free).

READ MORE HERE