’Mid-market organisations are working hard to implement more mature and effective cyber security measures,’ says managing director 

IT decision-makers from the insurance sector have said that ransomware is their top cyber security risk for 2024, according new research by Node4.

The report, called Mid-Market IT Priorities Report 2024, revealed the top 10 cyber security threats that were expected over the next 12 months.

This includes insider threats, AI-related threats, ransomware, deep fakes and malware, DoS attacks, supply chain attacks, phishing, zero-day attacks and scams.

IT decision-makers in insurance pointed to ransomware (39%) as the most pressing cyber security risk.

The Mid-Market IT Priorities Report 2024 is based on an independent survey by Censuswide for Node4 and gathered insights from 503 IT decision-makers across a range of sectors.


Despite the concerns, the report also revealed that decision makers were optimistic over cyber security defence capabilities.

For example, in response to the question about confidence in their organisation’s ability to prevent and respond to cyber attacks, some 81% of IT decision-makers in the insurance industry expressed a high level of confidence.

Meanwhile, the report highlighted that 38% of mid-market organisations had implemented incident response measures, while 53% have cyber insurance.

However, the report found that “the smallest mid-sector companies have relatively lower cyber security”.

The report said: “It’s possible that soaring premiums and stricter acceptance criteria have pushed the barriers for entry beyond mid-market organisations, forcing them to redouble their efforts on pre-crime and preventative measures such as dark web intelligence.

“This could also explain the relatively high take-up of incident response (40%) and ransomware negotiation capabilities (35%) as damage limitation options.”

Despite this, Paul Bryce, managing director of Node4, said firms were working to bolster their defences against cyber attacks.

He said: “Our findings show that many mid-market organisations are working hard to implement more mature and effective cyber security measures, which is encouraging.”