3 Lessons for Mid-Market CEOs Who Think They’re Immune from Hacking

Big-company victims such as Target and Morgan Stanley grab all the headlines when they’re hacked and millions of customers find their privacy breached. But the cybersecurity of mid-market companies actually is violated more frequently.

That is one of the most important observations by Gary Kovacs, CEO of AVG Technologies, a major business-to-business online-security company, in his summation of lessons about cyber breaches for leaders of mid-market companies. He share them recently at a roundtable for mid-market companies, and now he’s sharing three major insights with the Mid-Market CEO Briefing.

1. Your company already is a victim. Rather than a vague threat or something only aimed at marquee companies, Kovacs said, hacking is most prevalent among mid-market companies. On average, mid-marketers this year will be breached anywhere from 3-7 times.

“Hackers and activists actually are after mid-market victims in tremendous volume,” he said. “But when they get hit, it doesn’t reach the press.”

“Mid-marketers typically don’t have big data architects, so they’re not as sophisticated, and it’s easier for hackers to get in and get the stuff they want.”

One reason they’re targeted, Kovacs explained, is that mid-market enterprises typically “never had the big data architects that a company like Target had, so they’re not as sophisticated. It’s easier for hackers to get in and get the stuff they want.”

2. You don’t have to stand for it. “There are very easy fixes from us and others at the app level” in cloud-level anti-hacking security, Kovacs said,. “These are measures you can take to protect yourselves.”

3. You can help reduce the overall problem. AVG asks its millions of users, both end consumers and small and medium-sized businesses, if they will allow the company to send what’s known as “anonymous threat data” to the company’s central servers so it can analyze the threats, develop predictive profiles and solutions, and make the system better for everyone.” About half of AVG’s users, or about 100 million people, do allow it.

“So we have all those endpoints sending us data, and it has helped us tremendously to be able to act much more quickly and thoroughly on threats,” he said. Whereas it used to take AVG “about 45 minutes from the time we understood a threat to the moment of developing a [software] patch to fix it, now that time is down to 40 seconds—because people participated for the greater good.”

We all have to be safe together,” Kovacs points out. “That’s something our competitive instincts sometimes don’t allow us to understand.”


  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events