Midmarket organizations average 56 days to remove exposures, nearly four times slower than smaller enterprises.

89% of midmarket security leaders report increasing budgets.

91% of midmarket security leaders say their digital estate grew over the past 24 months.

38% of midmarket security leaders say their digital estate grew significantly over the past 24 months.

Around 70% of midmarket security leaders say headcount has kept pace with their digital estate.

64% of midmarket security leaders feel their posture scaled appropriately with growth.

86% of SaaS midmarket organizations kept headcount at pace with their digital estate, with only 10% growing more slowly.

Only 9% of midmarket organizations discuss cyber risk at board level.

29% of midmarket organizations say SME tools no longer meet their needs.

41% of respondents report using AI pentesting, and it appears in the top five most-adopted tools for fintech, manufacturing, and retail.

Only 51% of healthcare midmarket organizations kept headcount at pace with their digital estate, and 26% grew more slowly.

94% of midmarket security leaders are confident in their ability to identify and remediate critical risks before attackers exploit them.

51% of midmarker security leaders say it would take approximately a week to assess their exposure to a critical zero-day.

Only 30% of midmarket organizations grew headcount faster than their digital estate.

36% of midmarket respondents acknowledge their security posture hasn't scaled appropriately with digital estate growth.

The dominant investment priorities for midmarket organizations are AI and automation (49%) and adding new solutions (33%).

44% of midmarket organizations describe a stack that is either outgrown or fragmented.

44% of midmarket organizations have either outgrown their stack or stitched it together from point solutions that don't provide a unified view.

46% of midmarket organizations say enterprise platforms assume more staff, budget, or complexity than they can support.