Look around any modern small or medium business (SMB) and you will see how IT solutions are critical to business success. IT seems to matter to small-medium business. Yet those very same businesses treat the security of these IT solutions as an onerous requirement.
This lack of sophistication around most SMBs security stance means they have become a lucrative and easy target. Without the sufficient defences in place to protect, detect or react to cybersecurity attacks, it’s no surprise that more than 61% of SMBs (2017 Ponemon Institute Study) have been breached in the last 12 months.
SMB Security Today Is Focused On Just Protect, Pray & Then React
Today most SMBs approach to any kind of attack – which includes data breaches – is a reactive one. Think about it, in every kind of attack-related scenario – whether an external attack, an insider threat, malware infection, ransomware attack, etc. – the “business as usual” methodology is to detect the attack/infection and then to react with an incident response plan.
The problem with this methodology when considering a data breach, is that the average cost/record in a data breach (which includes the cost of investigation, legal, PR, remediation, etc.) is $141 – that’s per record ((2017 Ponemon Institute Study). So, even a “small” data breach of only 1000 records, will cost an average of $141,000.
It’s simply not cost-effective to just put the barriers up and pray.
Avoid Data Breaches With A Layered Defence
What’s needed is a far more proactive approach – one that uses a layered security strategy, detecting suspicious activity at each step of the breach “process”, and putting a stop to a potential breach as early in that process as is possible.
At a high-level, your proactive approach to thwarting data breaches is accomplished by protecting your most valuable data at a few levels:
Vulnerability Protection – The bad guys need to get in somehow, and known vulnerabilities are a prime target. Ensuring operating systems and applications are patched is critical. Sure, this may seem rudimentary, but the reality is even in environments where it’s believed to be completely patched, vulnerabilities still exist, giving attackers entrance to your network.
Threat Protection – Should an attacker get in, you need to have a way to stop them before they can do anything truly malicious. AV, endpoint protection, and application whitelisting are just a few types of security solutions that can neutralise a threat the moment it rears its ugly head.
Environment Protection – Attacks can’t succeed without first logging onto the system containing the data of value. Having some kind of logon monitoring in place will provide you leading indicators that misuse of credentials is in play – well before an actual breach occurs.
Data Protection – You need to assume the bad guys can get past the first three layers. If they do, you need a way to keep tabs on the data you deem worthy of stealing (and keep in mind, it may not just be your customer or credit card data; even your upcoming press releases can be used for insider trading if you work at a publicly traded company). This means using file-level or application-based auditing of access to identify and notify IT of improper access the moment it starts.
Data breaches are too costly to any sized organisation to be left to just protect, pray and react. And there’s a lot you can do – even with native tools – to put a layered proactive security stance in place. Here we highlight 8 SMB-friendly criteria to help achieve maximum impact with minimum effort.
Consider putting some or all of these proactive protective layers in place to protect your organisation from a data breach.