Key Takeaways:
- Mid-market organisations are moving cybersecurity responsibilities in-house as trust in external vendors declines.
- Internal skills gaps, inconsistent training, and organisational misalignment are now seen as bigger risks than external attacks.
- Cost pressures are driving reduced cyber and cloud spending.
Introduction to the Shift in Cybersecurity Responsibilities
The cybersecurity landscape is undergoing a significant shift, with mid-market organisations in the UK increasingly taking cybersecurity responsibilities in-house. This move is driven by mounting cost pressures and declining trust in external cybersecurity vendors. A recent study by IT services provider Advania reveals that many mid-market organisations are reducing their reliance on external vendors and are instead opting to develop their cybersecurity capabilities in-house. This trend raises concerns about whether these organisations can sustain long-term cyber resilience. The study, which gathered responses from 1,236 mid-market IT decision-makers across the UK and six Northern European countries, provides valuable insights into the current state of cybersecurity in mid-market organisations.
The Decline of Trust in External Vendors
According to Advania’s Building Core Resilience 2025 report, many mid-market organisations perceive external vendors as being overly focused on enterprise customers, pushing products instead of tailored solutions, and offering transactional rather than supportive relationships. This reduced trust is reinforcing the trend towards in-house development and reduced reliance on external partners. The report suggests that mid-market organisations are seeking more personalised and supportive relationships with their vendors, rather than just being sold products. This shift in expectations highlights the need for vendors to adapt their approach to meet the evolving needs of mid-market organisations.
Internal Risks Overtake External Threats
The study found that IT leaders are more concerned about risks originating inside their organisations than from external hackers. Skills gaps caused by staff turnover, inconsistent security practices, and weak internal alignment on cyber strategy are considered the most disruptive factors. This suggests that organisational culture and communication play an important role in security, as well as technical controls. The fact that internal risks are now considered a greater threat than external attacks highlights the need for mid-market organisations to focus on developing a robust cybersecurity culture and addressing internal skills gaps. By doing so, they can reduce the risk of internal breaches and improve their overall cybersecurity posture.
The Impact of Cost Pressures on Cybersecurity Spending
The study also found that spending on cloud services and cybersecurity has decreased significantly as organisations reassess costs and feel overcharged by providers. Moreover, inflation, licensing costs, and operational expenses are forcing short-term budget cuts, even though these reductions may hinder long-term readiness and innovation. This reduction in spending is a concern, as it may leave mid-market organisations vulnerable to cyber threats. The need to balance cost pressures with the need for effective cybersecurity measures is a challenge that many mid-market organisations face. By prioritising their spending and investing in the most critical cybersecurity measures, organisations can ensure that they are protected against cyber threats without breaking the bank.
The State of Cybersecurity Training
According to the research, cybersecurity training is more common than in previous years, but it’s still not frequent enough in most organisations to deal with emerging threats such as phishing and business email compromise. Regular training is inconsistent across different regions, which leaves many employees unequipped to respond to daily attack attempts. The lack of consistent training is a concern, as it can leave organisations vulnerable to cyber threats. The importance of regular and consistent cybersecurity training cannot be overstated, as it is a critical component of a robust cybersecurity strategy. By providing employees with the training they need, organisations can reduce the risk of internal breaches and improve their overall cybersecurity posture.
The Importance of Alignment and Communication
Pravesh Kara, Director of Security and Compliance at Advania UK, noted that "if your strategy, training, and communication aren’t aligned from the board down, even the best technology won’t protect you." This highlights the importance of alignment and communication in cybersecurity. Organisations need to ensure that their cybersecurity strategy is aligned with their overall business goals and that all employees are aware of their role in maintaining cybersecurity. By doing so, organisations can reduce the risk of internal breaches and improve their overall cybersecurity posture. The need for alignment and communication is critical, as it can mean the difference between a successful cybersecurity strategy and a failed one.
The Role of Artificial Intelligence in Cybersecurity
The study also found that artificial intelligence (AI) is considered beneficial, particularly for improving cybersecurity and customer experience rather than cutting jobs. Most IT leaders believe AI enhances organisational outcomes, but some link it directly to measurable productivity gains, especially within IT teams. The use of AI in cybersecurity is a growing trend, and it is likely that we will see more organisations adopting AI-powered cybersecurity solutions in the future. The benefits of AI in cybersecurity are numerous, and organisations that adopt AI-powered solutions can expect to see improved cybersecurity outcomes and increased productivity.
The Modernisation of IT Environments
Finally, the study found that legacy systems are reaching end of support, and most organisations are now proactively modernising their IT environments. More regular system reviews, automated testing, and device upgrades indicate a transition from reactive fixes towards structured technical debt management. This is a positive trend, as it suggests that organisations are taking a proactive approach to managing their IT environments and reducing the risk of cyber threats. By modernising their IT environments, organisations can improve their cybersecurity posture and reduce the risk of internal breaches. The need for regular system reviews, automated testing, and device upgrades is critical, as it can help organisations stay ahead of cyber threats and improve their overall cybersecurity posture.


