When it comes to security, bigger isn’t always better.Sure, large companies tend to have more strategic and effective security operations than smaller companies, so they should have fewer breaches and less negative ¿fallout from attacks. Right?Wrong. Our survey found that mid-market companies (those with revenue between $100 million and $1 billion) experienced fewer security breaches than their larger counterparts. Nearly 30 percent of midsize companies claimed their security measures have never been compromised compared with just 16 percent of larger enterprises.Bigger companies also have less of a handle on what’s happening in their (larger) networks. They’re less likely than their smaller counterparts to know how many security breaches they’ve had (42 percent of the bigger companies had no clue versus 29 percent of midsize companies and 16 percent of the small-market companies, those with less than $100 million in revenue). Bigger budgets and more security staff also make no difference when it comes to recovering from an attack. The percentage of midsize companies that experienced network downtime lasting more than a day matches the figure for large companies: about 10 percent.Finally, midsize companies have a slightly clearer picture of the losses they sustain in an attack. Fifty-five percent knew the extent of their financial losses; just 51 percent of large companies could make the same claim. Why is this so? Security specialists cite two factors to explain the discrepancies between the actions and outcomes of the big guys and their smaller counterparts.Larger companies most likely sustain more cyberattack attempts than smaller ones because the returns to the evil-doer are greater if the attack succeeds. Big companies also tend to be more complex and keeping tabs becomes challenging, to say the least. But the experts say the gap between mid- and large-market companies might have been even wider if the larger companies had not followed more strategic security practices. The lesson here is that midsize companies might reduce the number of security breaches they experience (and the damage caused by them) if they did the same. Related content brandpost Sponsored by SAP Innovative integration drives automotive group to SAP awards Using SAP Build Process Automation, China Grand Automotive Services Group Co., Ltd. accelerated and streamlined processes for its 700+ dealerships, saving time and costs while earning recognition for its innovation. By Tom Caldecott, SAP Contributor Dec 11, 2023 4 mins Digital Transformation news Concerns remain even as the EU reaches a landmark deal to govern AI Experts believe the new regulation would add a significant compliance burden on businesses as some argue it could even stifle the growth of the rapidly developing technology. By Gagandeep Kaur Dec 11, 2023 7 mins Regulation Artificial Intelligence feature CIOs grapple with the ethics of implementing AI With ethical considerations around AI use increasingly top of mind, IT leaders are developing governance frameworks, establishing review boards, and coming to terms with the difficult discussions and decisions ahead. By Esther Shein Dec 11, 2023 13 mins Generative AI Data Governance IT Governance feature Reed Smith turns to AI for lawyer staffing solution The legal firm’s Smart Resourcing tool helps balance workloads and ensure partners find associates with the right skills and experience, while empowering employees to make connections across the firm’s global footprint. By Sarah K. White Dec 11, 2023 8 mins CIO 100 Legal Digital Transformation Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe