SMBs face the same threats as larger companies but are challenged with limited resources, budgets and security talent. Organizations that outsource with an experienced security partner can make up for shortfalls in expertise and resources.
In 2021, 40% of SMBs experienced a security breach partly because they are low-hanging fruit and attractive targets for leapfrogging to a larger game. Michelle Drolet, CEO of Towerwall, explains how SMBs can lower risk and improve cybersecurity posture with basic, essential safeguards that include managed detection and response, endpoint detection, pentesting and outsourcing security leadership.
Cyber-attacks on small and medium-sized businesses (SMBs) are escalating by more than 150%, reaching 31,000 attacks per day. Last year, 82% of all ransomware attacks targeted SMB organizations. They also experience 350% more social engineering attacks than larger organizations.
The pandemic significantly increased the digital footprint of most businesses when employees shifted to remote work outside of the traditional corporate perimeter. SMBs typically have limited investments in cybersecurity, are often understaffed, and are concerned more with business health than with cybersecurity risk. SMBs also serve as an entry point into larger partner or supply chain organizations that offer cybercriminals higher-value targets.
How SMBs Can Improve Their Cybersecurity Defenses
SMBs face the same threats as larger companies but are challenged with limited resources, budgets and security talent. Organizations that outsource with an experienced security partner can make up for shortfalls in expertise and resources. Below is a set of (limited, not all-inclusive) essential security services SMBs can leverage from an outsourced provider to bolster their defenses:
1. Managed Detection and Response (MDR)
A Security Operations Center (SOC) is a centralized function consisting of an information security team that monitors, analyzes, detects and responds to cybersecurity incidents 24×7. Building and maintaining such an SOC can cost millions of dollars each year, which is why nearly 70% of SMBs don’t have an in-house SOC and are unable to provide 24×7 security coverage. To overcome this challenge, businesses can avail of MDR services from an experienced cybersecurity provider that can remotely detect, analyze, investigate and contain threats as they emerge. In an MDR service, data is logged and analyzed by skilled cybersecurity professionals that provide 24×7 monitoring and incident response services. Some MDR providers even offer breach warranty protection through their cyber insurance, which can give SMBs some additional piece of mind in the event a cyber-attack is successful.
2. Endpoint Detection and Response (EDR)
SMBs have hundreds of endpoints, including desktops, servers, laptops, mobile devices, and Internet of Things (IoT) devices (like CCTV cameras, air conditioning systems, etc.). Each endpoint is a potential entry point for a lethal cyber-attack. Endpoint protection platforms such as EDR can help monitor endpoints for suspicious activity in real-time, identify threat patterns, analyze them and contain or report them if necessary. If an organization lacks resources to self-manage EDR, the technology is remotely manageable via a centralized console. This enables continuous monitoring, and SMBs can proactively defend themselves against zero-day malware and targeted attacks. Even some cyber insurers now require businesses to have EDR protection before they approve new policies.
3. Penetration Testing
Organizations can reduce costs and mitigate threats with early detection. Penetration testing (or “pentesting”) is a simulated cyber-attack that applies a stress test to networks, applications, or environments to identify weaknesses, loopholes and vulnerabilities. Most SMBs overlook this step because testing can be expensive and time-consuming. However, when you look at the direct or indirect costs associated with a cyber-attack – SMBs spend an average of $38,000 in direct costs plus an additional $8,000 in indirect costs – pentesting makes common sense. Pentests can be customized to meet individual requirements, perform both internally and externally, and focus on specific areas like wireless, cloud, applications or social engineering. It’s also advisable to run a vulnerability scan of your environment’s entire attack surface (servers, endpoints, cloud environments, etc.) regularly. This ensures the organization is running the latest updates and security patches, which minimizes the amount of loopholes cyber attackers can exploit.
vCISO to the Rescue
The ever-increasing demand for cybersecurity services is fueling the demand for cybersecurity executives who can operate at the strategic level. Organizations need senior people that can lay the foundation for policies and procedures, guide them on various aspects of data privacy, governance and compliance, and set the tone for a cybersecurity culture. That said, finding and retaining a full-time security leader can be a major challenge – such people are hard to find, are expensive, and suffer from high turnover. What’s more, most SMBs don’t require a full-time CISO or CSO. Organizations must therefore get creative and find a way to secure leadership without stretching financials or investing in inadequate security tools. vCISOs (virtual chief information security officers) can be recruited on-demand and come without the overhead of a full-time leader. They can be hired on a retainer for a set number of hours or on a project or incident basis.
Since vCISOs are industry veterans with substantial domain knowledge and hands-on expertise, they don’t need training and can immediately step in and fill the void of a leadership position.
If an organization is seeking help with cyber insurance, vCISOs can help analyze the current state of security controls, assist with selecting new policies, review existing ones, and help manage the claim process.
The threat surface grows vast and complex as the world moves towards hyper-connectivity. Businesses, particularly SMBs, will always struggle to balance budgets, resources, technology and growth. Organizations must therefore think creatively with cybersecurity, to do more with less, but never compromise. This is where cybersecurity services can be a game changer for SMBs.