We are proud to be named a West Coast Regional Leader for 2024

Middle market tech companies must remain focused on cybersecurity during growth

ARTICLE | May 30, 2024

Authored by RSM US LLP

The technology industry faces a host of challenges to protect its complex systems, data and users amid pervasive cyberthreats.

For midsize technology companies, in particular, the basics are often a good place to start, says Kurt Shenk, an RSM partner and and technology senior analyst. These predominantly private businesses, which often grow quickly due to organic growth, infusions of private capital, or acquisitions, are focused on scaling up, so they can have a blind spot for their cyber vulnerabilities, he says.

“Some of the things that might be second nature at a large firm are not necessarily in place at midmarket tech companies,” says Shenk, noting a lack of incidence response protocols, education around threats such as email phishing or a clear understanding of cybersecurity insurance coverage. “What’s the procedure, who is getting involved and how do you respond when something takes place?”

Even the best preparation cannot always thwart sophisticated attacks, says Shenk, who notes that several of his technology clients now find it necessary to keep bitcoin on their books in the event they fall victim to a ransomware attack and must pay bad actors to release their information.

"Some of the things that might be second nature at a large firm are not necessarily in place at midmarket tech companies. What’s the procedure, who is getting involved and how do you respond when something takes place?"

Kurt Shenk, RSM Technology Senior Analyst

Well-known technology corporations have been among the most widely reported breaches in recent years. As of late 2023, the SEC began requiring public companies to report “material” cybersecurity incidents within four business days and to disclose annually how they manage cybersecurity—both measures designed to protect investors.

Meanwhile, the use of AI presents technology firms with great opportunity for innovation but also brings additional cyber risk, Shenk says. The European Union in March gave final approval to a set of protections around AI use intended to take effect in about two years, including prohibiting AI-powered social scoring systems and biometric tools that attempt to surmise an individual’s race, politics or sexuality. The United States, by contrast, has yet to put forth similar restrictions.

But Shenk believes the recent SEC requirements may portend a period of heightened regulation that could govern private companies as well.

“The beginning of regulation is there, and it seems like something that will continue,” he says. “Companies are focused on it.”

Let's Talk!

Call us at +1 213.873.1700, email us at or fill out the form below and we'll contact you to discuss your specific situation.

  • Topic Name:
  • Should be Empty:

Source: RSM US LLP.
Reprinted with permission from RSM US LLP.
© 2024 RSM US LLP. All rights reserved.

RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent assurance, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.

​Vasquez + Company LLP has over 50 years of experience in performing audit, tax, accounting, and consulting services for all types of governmental entities, nonprofit organizations, private companies, and publicly traded companies. We are the largest minority-controlled accounting firm in the United States and the only one to have global operations, and certified as MBE with the Supplier Clearinghouse for the Utility Supplier Diversity Program of the California Public Utilities Commission.

For more information on how Vasquez can assist you, please email or call +1.213.873.1700.

Subscribe to receive important updates from our Insights and Resources.

  • Should be Empty: