Managed Detection and Response
How Cybersecurity Impacts and Protects SMBs
January 19, 2020 | 3 min read
BlueVoyant
According to the Small Business Administration, there are 30 million small businesses operating in the United States. They employ nearly half of the U.S. workforce. The internet has provided small-to-midsize businesses (SMBs) with great opportunities, but it has also opened them up to increased cybersecurity risk.
Although SMBs face the same evolving threat landscape that confronts larger organizations, they have fewer resources to invest in cybersecurity, making them a more lucrative target for cyber criminals. As larger organizations invest heavily and become more secure, hackers increasingly target smaller organizations lacking the resources and budgets to implement similar security solutions.
Cyber crime has evolved into big business, and cybercriminals are businessmen who are guided by a desire to turn a profit. When confronted with obstacles, they will take the path of least resistance in search of an easier ROI; after all, a dollar from a large well-secured organization is worth exactly the same as a dollar from a smaller, less secure organization.
It is interesting to note that the creators of the infamous ransomware-as-a-service, GandCrab, claimed to have retired after making $2 billion. It is possible that just like people in other lines of work, they had dreams of early retirement. However, it has been rumored, and evidence suggests, that the GandCrab creators did not retire that particular product until after they developed and began to profit from a new ransomware, Sodinokibi.
The constantly changing threat landscape makes it hard for even seasoned cyber professionals to stay on top of what’s new. Ransomware has re-emerged as a serious threat, becoming more frequent and constantly evolving. Advanced versions can even adapt to the environment they breach and effectively evade common countermeasures.
Statistics indicate that SMBs that were the victims of a cyberattack are more likely to be targeted again in the future. In addition, it is increasingly difficult for SMBs to recover from a cyber attack as the cost of the attack itself, the cost of business disruption, and the cost of reputational damage steadily increase. Although it’s hard to believe, the U.S. Securities and Exchange Commission claims that roughly 60% of SMBs fail within six months of a cyber attack.
The 2019 Hiscox Cyber Readiness Report indicates that while the mean cost of all incidents for very small businesses has decreased, the cost of incidents for companies with 50 to 1000 employees has increased dramatically since 2018. This same report indicates that the mean cost of the largest single incidents has undergone profound increases since 2018.
Many SMBs are unsure of the steps that they should take to improve their cybersecurity, and even fewer have formal cybersecurity policies in place. Budget and resource constraints force many to rely on outdated security tools. While these solutions block many common types of malware, they are not effective against today’s dynamic, multi-vector, multi-stage cyberattacks.
SMBs are increasingly used as a vehicle for supply chain attacks that impact their relationships with their larger business partners. It’s not uncommon for relationships to be terminated after a security incident.
To reduce their risk of security incidents, SMBs should undertake the following activities:
- TRAINING: Security awareness training that includes phishing simulations to help employees know the signs of an attack
- ASSESSMENTS: A third-party security assessment that identifies vulnerabilities (the National Institute of Standards and Technology (NIST) assessment framework is a starting place for those who prefer DIY)
- PLANS: A data breach response plan that identifies who to call in an emergency, how you will respond and remediate, and a plan for communicating during an attack
- PROACTIVE PROTECTION: A comprehensive, proactive plan for ongoing risk mitigation
- AUDITS: Engaging an independent security auditor or a managed service provider to help assess your security posture and create incident response policies and plans
Attackers are continually creating new attack vectors, and adapting old ones, seeking ways to profit from businesses of all sizes. With the right cybersecurity strategy, SMBs can adapt, protect, and fortify their digital assets.
Because small-to-midsize businesses are especially vulnerable to cyber crime, it is crucial for them to make the most of cybersecurity budgets, and work to replace outdated and insufficient technology. They can start by assessing vulnerabilities in their existing infrastructure, engaging an independent auditor, and/or seeking the assistance of a managed security services provider (MSSP), which could give them an added layer of protection from cyber crime and help them avoid business disruptions.
Many SMBs have determined that hiring a managed security service provider (MSSP) can help reduce the costs associated with in-house security, 24/7 network monitoring, next-generation antivirus (NGAV), and advanced threat intelligence and threat detection tools.
Related Reading
Digital Risk Protection
From Zelle to Your Wallet: The Mechanics of Third-Party Phishing
September 12, 2024 | 3 min read
Managed Detection and Response
Forrester Study: BlueVoyant MDR Delivered a 210% Return on Investment for Clients Through Effective Threat Detection and Response, Optimized SecOps Spending, and Reduced Breach Incidence
September 10, 2024 | 5 min read