Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 28 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

A battle cry for SMBs to address cybersecurity

By: Lisa Ashijan, lead product marketing manager, AT&T Cybersecurity

by Guru Writer
April 9, 2021
in Featured, Insight
A battle cry for SMBs to address cybersecurity
Share on FacebookShare on Twitter

When we read about cyberattacks in the news, they typically involve a well-known brand or large enterprise. The perception is the bigger the organization, the greater the impact. However, the recent attack on Microsoft Exchange Servers is expected to impact over 60,000 organisations. Indeed, this is likely to be higher given that recent research has found more than 10 different advanced persistent threat (APT) groups are exploiting the Microsoft Exchange vulnerabilities. The worst part, however, is that the most susceptible organisations fall in the small to medium-sized category.

 

Why is this? Because larger businesses, with stronger and more mature security practices, have the defenses in place to keep bad actors from infiltrating their company while many small businesses do not. With time of the essence, the cybersecurity industry needs to quickly rally around SMBs to guide them in this time of need.

 

To give some background on the Microsoft Exchange Servers attack, the vulnerability was shared on March 2nd, 2021 with a patch to the issue made public the next day. However, this small window was enough for cybercriminals to manifest an automated attack against these servers. With estimates on the number of impacted organisations rising, we do know it is largely the SMBs that were targeted.

 

Therefore, it is essential that SMBs adopt a proactive stance to cybersecurity. This incident should act as a wake-up call for all businesses, no matter what size or level of their security maturity, to take action.

 

Recent research on security maturity and business outcomes found that there is not a dependency on company size in relation to having a strong security posture. Instead, by allocating time to strategize, plan and implement a strong cybersecurity culture, any sized business can achieve a mature cybersecurity program.

 

If cybersecurity is a new concept for the business, first take the necessary steps to follow best practises, as set out by the NIST Cybersecurity framework, as a minimum. Furthermore, to enhance the organisation’s overall security maturity, there are 4 key categories that need to be addressed: cyber strategy and risk, network security, endpoint security, and threat detection and response capabilities.

 

What is the current level of the cyber strategy and risk?

Small business owners are focussed on running their business with cybersecurity often a secondary concern. To begin with, businesses should seek consultation from industry experts to provide an assessment of the infrastructure to determine areas of concern. This will help the business plan, adapt and grow to stay competitive. It also will provide insight into how the business’ security measures stack up to the needs of the business currently and for the future.

 

An assessment by an external consultant can also examine whether the business is meeting compliance and regulatory requirements, which can be weaved into the security strategy. This guidance not only helps to improve the overall security posture, but also saves costs in the long run.

 

Protect the networks

Connected networks need the right security elements in place for protection. Network security can be conducted by one security vendor so long as the connectivity and visibility are both being protected. This will not only build trust from customers but also help the business meet compliance with industry regulations.

 

Endpoints must be accounted for and protected

It is crucial for small businesses to understand that endpoints are an entry point to the system that can be exploited. Smart phones, laptops and any other Internet of Things (IoT) devices that connect to the network will need protection. Small businesses should implement a solution that can provide visibility into these devices to ensure no rogue entries onto the network.

 

Speed is key

Cybersecurity is fast paced. Hackers act quickly and security defences need to act earlier to detect and respond to threats, ideally before they even reach a critical level. Security monitoring needs to be integrated and centralised across both cloud and on-premises environments. With that said, support is available to help with implementation, such as through professional services. SMBs should seek out providers that can deliver these services as well as integration to advanced threat intelligence for faster threat detection and response.

 

So, where to begin?

Small businesses should not think small when it comes to cybersecurity. The same resources, tools, and professionals that large businesses have are ready and waiting to help SMBs. You do not need to be an expert in the field; the experts can be made available to give the necessary guidance to address the security needs of the business. For those unsure of what direction to take in terms of managing the security elements, the option to employ a Managed Security Service Provider might be ideal. This approach provides 24×7 monitoring, giving business owners peace of mind to focus on business operations.

 

FacebookTweetLinkedIn
ShareTweet
Previous Post

Apple Mail zero-click vulnerability could allow attackers to take-over victims accounts

Next Post

How Can Security Training Harden Your DevOps Process?

Recent News

software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023
ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information