What Mid-Market Security Teams Are Really Talking About

Three days, eleven on stand sessions and dozens of conversations. That was this year’s Infosecurity Europe where we took a deep dive into the world of Microsoft Security and how it can help manage, mitigate and solve today’s complex security challenges.

The Softwerx team hosted practical sessions for mid-market in-house teams, covering topics including triaging Microsoft Sentinel alerts faster with Logic Apps, securing Microsoft 365 Copilot, detecting employee-focused attacks and turning Power BI into a real-time threat dashboard.

The conversations were candid and real. From automation trust gaps to high profile retail breaches, shifting team structures and the question of whether Microsoft security is still underestimated, one thing was clear: mid-market security leaders are focused on staying protected, compliant and operational now and not just planning for the future. For Softwerx, that’s exactly our space. As a Microsoft Security partner for the mid-market, we work with IT and security leaders who aren’t chasing that next shiny tool but are trying to make smart decisions with limited time, people and budgets.

Here are ten real-world issues we heard from delegates on our stand, and how we can help mid-market organisations to overcome them.

1. You can’t respond to what you can’t see

Visibility remains one of the biggest IT security challenges. It directly affects an organisation’s ability to detect, understand and respond to threats. But many IT leaders visiting our stand last week told us that it isn’t alerts that they’re lacking in, it’s insight. They have the data but what they don’t have is the context, making it difficult to highlight the real threats. Effective threat detection hinges on transforming raw alerts into actionable intelligence that safeguards both data and reputation. But without clear visibility into what’s happening or how critical it is, reducing risk becomes very difficult.

This is where Softwerx comes in. We help our customers to connect the dots between threat signals and real business impact by harnessing the capabilities of Microsoft Sentinel, Defender and Purview. Minutes matter and our secure365 service leverages the real-time detection and response features of Microsoft 365 Defender and the security information event management (SIEM) capability of Microsoft Sentinel. This enables teams to identify suspicious events which are then triaged and managed by our Security Operations Team. This integrated approach helps our customers to achieve richer context to their security alerts, surfacing and understanding the true risks within a noisy security environment – before they escalate, ensuring stronger more successful protection.

2. Good security should keep business moving – and compliant

Mid-market organisations are under more pressure than ever to meet regulatory and compliance demands, and we had a lot of questions about compliance on our stand. But achieiving compliance should not get in the way of business operations. If security processes slow down progress, then security isn’t doing its job. For many mid-sized organisations, the challenge comes not just in stopping threats but in ensuring business continuity while maintaining compliance with evolving industry-specific regulations. But despite these challenges, mid-market businesses should not see security as a blocker. When used well, security strategy can shift from a defensive necessity to a proactive business catalyst that propels growth and that enables businesses to meet regulatory compliance.

Our approach centres on resilience and usability. We help customers to remain compliant by building Microsoft Security into their environments in a way that aligns with both operational goals and regulatory expectations – simple, robust and designed for the real world. Softwerx assists customers by leveraging Microsoft Purview for greater depth of insight, while educating organisations on how to get true value from their Microsoft Security technologies. We embed these systems within daily processes to demonstrate compliance with the latest regulations and directives such as DORA, NIST2, NIS2 and many others.

3. Automation is powerful, but trust matters more

A key theme, not just on our stand, but across the entire Infosecurity Europe 2025 event, was automation. Everyone’s talking about it but with a noticeable sense of caution. While automation holds huge promise for strengthening threat detection and response, many business leaders we spoke to are still grappling with the fundamentals – where do we begin? What exactly should be automated? Who has control? And most importantly, how do we ensure that nothing critical slips through the cracks? These are valid concerns and they highlight the need for a thoughtful, transparent approach to automation – one that balances efficiency with oversight and speed with trust.

At Softwerx we support teams to adopt automation responsibly – by design. That means putting visibility first, embedding clear controls and ensuring human oversight at every stage to reduce the risk of deviation and scope creep, catching AI hallucinations early and continuously earning and reaffirming trust. Automation isn’t a ‘set it and forget it’ solution. Without the right guardrails in place it can lead to accidental risk acceptance or missed threats. That’s why we work closely with our customers to build trust into the process, ensuring automation enhances security without compromising accountability.

4. AI is on the agenda but it’s only useful if adds value

AI dominated conversations at this year’s event – from Microsoft Copilot to the latest wave of emerging, intelligent security tools. It’s clear that AI is no longer on the horizon – it has arrived. But while the buzz is loud, the questions from customers are grounded and practical: Where does AI genuinely add value? How do we deploy it safely and responsibly? And what does a realistic roadmap look like? The appetite is there but so is the need for clarity, strategy and trust.

We help customers move beyond AI theory. That means secure-by-design Copilot adoption, alignment with governance and focusing on use cases that reduce workload and risk. AI and Copilot add significant value to businesses by automating process and transforming business functions. However, many of the IT and security leaders we spoke to had concerns around the security of data in AI. Softwerx supports mid-market organisations by demonstrating best practice methods for monitoring, managing and securing the information that users access and use every day. We leverage Microsoft Security technologies such as Purview, Data Security Posture Management (DSPM) for AI, Data Loss Prevention (DLP), Information Protection and SharePoint Advanced Management, providing a comprehensive framework for data governance and protections. This gives businesses the clarity and control they need to embrace AI-powered tools confidently, without compromising on security or compliance.

5. Balancing risk and cost: making the most of your existing security stack

One thing is clear – budgets are under pressure. Ambitious mid-sized businesses have already invested in Microsoft security tools but many have only scratched the surface of what’s possible. Organisations need to be smart with their spending. This can be particularly challenging for SMEs with tighter budgets and fewer resources. As one of our clients commented on our stand, “it’s all about sweating your licences”, and it really is. How can businesses make the most of what they have, reducing waste and increasing protection, without additional spend?

This is why we partner with our clients to help them maximise their IT investments, optimising spend and increasing value across their security environments. Too often, we see organisations lose out due to misconfigurations, which can be the result of misunderstanding, lack of resource or even simple human error. For mid-market organisations, the stakes are high. We provide clear, best practice guidance on how to configure, optimise and extend existing Microsoft security investments, helping our customers to strike the right balance between risk management and cost efficiency.

6. Data: a vital asset and a prime target

Data is the lifeblood of your business. Securing it is vital. But true data security goes far beyond access control. It starts with visibility: knowing what data you have, where it lives and who’s using it. You can’t protect what you can’t classify and you can’t classify what you can’t find. Without this foundational understanding, security and compliance efforts are built on shaky ground. And the key question asked by several of the delegates attending our stand last week – “how do we secure our data without impacting day-to-day operations?”

The goal isn’t just to lock data down, it’s to protect it intelligently, without disrupting the flow of daily operations. This is where Softwerx comes in. We help mid-market firms understand their data by leveraging Microsoft Purview so that they can implement smart, scalable taxonomy that enhances control. By educating teams on DLP (Data Loss Prevention), non-conformance and data engagements, we help them gain better control over what’s stored, shared and exposed – before it becomes a potential breach.

7. Cyberattacks – how do mid-market organisations protect against M&S style breaches, cost effectively?

The recent wave of high profile retail security breaches was a major talking point and a real source of concern at Infosecurity Europe 2025. If large, well-resourced organisations can fall victim to cyberattacks, what hope do mid-market firms have? That question came up time and again. Business leaders asked us, “How can we achieve the level of cybersecurity we need to protect our business without blowing the budget or disrupting productivity?”

What’s important here, is that IT leaders understand supply chain risk, as well as their own risk. How does your supply chain interact with your services and how does this impact security? Access polices should be continuously reviewed. Processes that used to work well, may no longer be viable. As our CEO David Smart said, “security is a process, not an event.”

Using Microsoft Defender combined with a strong programme of user awareness training and implementing practical steps like attack simulation, we help our customers reduce the risk of a security breach, protecting the organisation without impacting day-to-day operations.

8. Optimising costs in Microsoft Sentinel

IT leaders are looking for ways to rationalise costs, taking control of IT spend and establishing a structured approach to cost optimisation. That’s the message we heard from vistors loud and clear. True value needs to be achieved, balancing effective security management with budgetary considerations. This can be particularly challenging for midmarket organisations with tighter budgets and fewer resources.

That’s why we work in close partnership with our clients to help them right-size their Microsoft Sentinel deployment from day one. Through smart use of data connectors and log types (auxiliary, basic and alert) to fine-tuning alert rules and automation, we help teams cut through the noise and focus on what truly matters. The result? Greater impact, reduced alert fatigue and stronger security outcomes, without spiralling costs.

9. Cybersecurity is a team sport: collaboration is the new competitive edge

Cybercriminals don’t work in silos. They collaborate. Sharing tools, tactics and intelligence at speed. And this collective approach gives them an edge, allowing them to adapt quickly and strike with precision. Yet, in stark contrast, many organisations still manage cybersecurity in isolation, with limited visibility that slows down response times and ultimately increases risk. In the face of the modern threat landscape, isolation is a vulnerability. Collaboration isn’t just a nice-to-have, it’s a strategic necessity.

At Softwerx we believe cybersecurity is a shared responsibility. That’s why we work hand-in-hand with our customers, Microsoft and our wider partner ecosystem to bring collective intelligence to the front lines of defence. From day one, we’re transparent and hands-on, working directly within your tenant to ensure you’re not just collecting data but collecting the right data. By working as a community, leveraging shared threat insights, coordinated playbooks and proven best practices we can tap into the power of a connected security ecosystem. Because when defenders work together, they don’t just respond faster, they win smarter.

10. Changing perceptions: Microsoft is a recognised leader in cybersecurity

From our stand at Infosecurity 2025, situated right next door to Microsoft’s security stand, one thing was abundantly clear. Microsoft is now a recognised leader in cybersecurity. And the headlines back this up. Microsoft was named a leader in the 2024 Gartner Magic Quadrant for Endpoint Protection Platforms, is an eight-time leader in the Gartner® Magic Quadrant™ for Access Management and a leader in the Forrester Wave™ for XDR.

Microsoft wasn’t always seen as a serious player in the cybersecurity space. For years, it was viewed as the convenient default – good enough but not best-in-class. That perception has shifted and rightly so. Today, Microsoft is a recognised leader in threat intelligence, platform integration and end-to-end security coverage and we’re here to help security teams unlock the full potential of their Microsoft investment. Our role is to bring clarity, proving what’s possible, highlighting where the gaps lie and harnessing powerful enterprise-grade defence for our mid-market customers.

Why Softwerx?

Helping businesses make sense of their Microsoft security investments is where we thrive. We’re not generalists, we’re dedicated Microsoft security specialists, focused exclusively on the mid-market. That focus is what sets us apart and makes us the partner of choice for ambitious mid-market organisations that are ready to unlock more value from the tools they already own. We don’t just understand the Microsoft security ecosystem, we know how to harness it as a strategic asset. Our expertise helps protect your business, drive smarter decisions and unlock untapped value from your existing Microsoft investment.