Mid-sized businesses hit with an average of 159 million cyber threats in March 2023, NormCyber reveals


MSSP enhances vulnerability and patch management reporting capabilities to help businesses combat ‘alert fatigue’

25th July 2023NormCyber, the award-winning managed security service provider for mid-sized organisations, has revealed that UK businesses are being bombarded with millions of automated cyber threat events. In March 2023, the average mid-sized business, employing fewer than 250 people, faced a staggering 159 million threats, while for larger companies, with more than 250 employees, the average was 1.13 billion.

NormCyber’s data snapshot for the month of March is based on the number of cybersecurity events processed by its smartbloc. CSaaS platform. While the platform triaged billions of events during the month, only a small fraction required action. For the average mid-sized organisation, just 764 alerts required investigation and/or remediation by NormCyber’s UK-based Security Operations Centre (SOC). Of these, only 16 incidents were considered serious enough to flag up to the customer. For larger companies, an average of 2,421 alerts required SOC investigation, with just 12 incidents warranting customer attention.

“With the magnitude of cyber threats now facing organisations, it’s difficult to comprehend how smaller in-house IT teams can work out which events require investigation and action. It’s hardly surprising that they can’t see the wood for the trees – and yet, it only takes one incident to slip through the net for there to be potentially devastating consequences,” said Pete Bowers, COO of NormCyber. “Companies which lack an effective and automated method for processing and filtering these threats will very soon find themselves suffering from alert fatigue, which can further drain their resources and place them at risk.”

To help businesses prioritise and remediate the threats that pose the greatest risk to their operations, NormCyber has today added new vulnerability and patch management reporting capabilities to its smartbloc. LIVE customer dashboard. Customers can now see which patches have been rolled out, and to which machines. This includes patches for Windows and Mac operating systems, as well as for over 300 third-party applications. Businesses can also see which vulnerabilities require patching and which can be resolved with configuration changes, helping them boost their security in the most efficient manner.

Unlike traditional technology-focused deployments, smartbloc. combines 24×7 managed cyber security protection with penetration testing, continuous cyber safety training and support for certification, compliance and incident response, aided by a team of legal experts. It couples deep technical know-how with plain-speaking reporting for the C-suite, giving decision-makers much-needed visibility and actionable guidance to inform an effective cybersecurity and data protection strategy. It is designed for mid-sized organisations, including those seeking Cyber Essentials and Cyber Essentials PLUS certification.

About NormCyber

Established in 2015, NormCyber is a company on a mission to provide mid-sized organisations with complete visibility and total control over cyber risk, without the hassle of managing it themselves. Its client list includes businesses in the finance, banking & insurance, logistics & supply chain, and retail & consumer goods industries, amongst others. With a customer retention rate of over 98 percent, NormCyber offers a true eyes-on-screen 24x7x365 UK-based Security Operations Centre. It also adheres to the highest information security standards including Cyber Essentials Plus, ISO 27001, and is both CREST-certified and PCI-DSS accredited.

Ready to tackle cyber security?

Request a meeting with a norm. expert to find out how our analysts keep you safe while you focus on what you do best: