Research from SonicWall's latest Cyber Threat Report predicts an increase in state-sponsored threats against SMBs and enterprises in 2023. So, why are SMBs an attractive target for threat actors? Does this shift in focus highlight the lucrative potential for threat actors targeting traditionally 'weaker' organisations? How can SMBs mitigate growing threats and protect themselves/customers?
Probrand Senior technical consultant, Richard Nelson, advises.
Whether you’re a SMB or a global corporation, cyber security best practice remains the same – the difference is that SMBs typically have less budget and resources to invest in sufficient levels of security. For example, education and training in smaller organisations may suffer because there isn’t the same budget or internal expertise. Equally, SMBs may not always see the value in increasing cyber security budgets because of a lack of breaches encountered in the past. SMBs also don’t always have the budget to have a Security Operations Centre (SOC) to react to any cyber attacks actively happening.
By assuming a ‘zero trust’ approach – that a security breach is possible at any given moment – businesses can be prepared for an attack and can limit how much damage could occur. Some of the ways this can be achieved may include an audit of your cyber security capabilities, to pinpoint any weaknesses, as well as getting certified with Cyber Essentials – a set of IT security standards that you can put in place, test against, and attain without it costing the earth or causing a big disruption to the way you operate.
There are also some basics that can be deployed to alleviate the risk that’s increased as a result of home working. This includes looking at cloud solutions, such as mobile device management (MDM), to update the security on the devices used by employees. This will ensure all devices accessing corporate data – wherever they are – will have the latest antivirus, firewall and software patches in place. They can verify that these updates have happened and validate that things are working as they should be.
Beyond this, regular training is one of the most effective ways to empower staff to stay on top of new threats. One type of training that is especially effective in helping to prepare employees for common exploits is running simulated attacks. This can involve sending spoof emails to see how employees react. This isn’t about catching people out but pinpointing any weak spots and identifying any areas where employees may need additional support.
As well as avoiding a potential crisis, being able to demonstrate good levels of cyber security can make you an attractive option for larger enterprises looking to enlist your services. Larger customers will likely place a higher value on security, so proving you’ve got this covered can actually help you win business, especially if you have an accreditation to prove it, such as Cyber Essentials.
The final piece of the puzzle is having a secure and air gapped backup and disaster recovery system in place. The air gap technique means that at any given time, a copy of any sensitive or confidential data is offline and physically disconnected from your network. Prevention is always better than cure, but plan for the worst and you will always be able to restore to a different platform.