SMB businesses face a unique challenge in terms of the cybersecurity landscape. They are increasingly being targeted by cyber attackers because of their weaker cybersecurity defences and the fact that they may be an easy back door into a large enterprise’s network.
It is evident that the best approach to enabling a robust and effective security posture is to coordinate personnel, processes and technology to work in harmony and effect the maximum effectiveness. In this respect SMB businesses have specific challenges to overcome which can include;
- Lack of talented personnel – this is a problem that large enterprises also have but it is magnified in SMBs
- Complexity – integrating security systems can be a complex task especially in the typical environment where there are multiple disparate vendor systems. In truth sometimes, a single vendor solution has its own compatibility issues
- Executive Commitment – there is still a high level of inertia at executive level wrt committing to resource for cybersecurity. It’s like an insurance policy, it proves its worth only when you have an incident – but in many cases, this could be too late
Businesses have recognised that there is a major challenge around mobility and the shift to mobile working as well as the workspace embracing mobile devices. At least 50% of IT Security teams consider protection of mobile-based threats to be very challenging.
To overcome the mobile challenge and also as a means of bolstering security without increasing resources many security teams are turning to the cloud. In fact, some 70% of SMB businesses now host some workloads in the cloud and of those surveyed, 68% have said they did so to improve the security. Other benefits included scalability and reduced administration, but the number one reason was security. This is good providing the businesses understand their own obligations to secure user access and data in the cloud – something that a cloud provider will not be responsible. Also, there is the question of how the cloud providers security process may interoperate with the customers process to ensure incidents are alerted immediately and there is a clear demarcation of responsibilities. The NCSC have published some good guidance on selecting cloud providers.
Many businesses face a shortage of trained and skilled security personnel that are able to analyse security incidents in a timely and implement the necessary mitigation. In fact, surveys have revealed that over 50% of security alerts/events are being ignored.
An increasing trend to solve this challenge is to outsource security analyst tasks to a cloud or specialist security provider. In this way the business can effect specialist level assistance without having to try and employ security personnel in a market where the shortage is increasing – a challenge faced also by vendors and large enterprise. If outsourcing works well, they can get rapid, impartial analysis and recommendation.
Establishing the capabilities and suitability of the specialist provider is in itself a challenge because the security teams need to understand what will constitute a good service both from a process and technical level.
Another approach being taken to mitigate the skills shortage it to employ AI and Machine Learning. This technology is increasingly being deployed to detect and respond to anomalies at machine speed, giving greater protection against new attacks.
The challenges faced by SMBs given a strategic approach can be addressed over time with a combination of people, processes and technology. Going forward it is important for SMBs to drive incremental improvements in cybersecurity especially in the context of a strategy. Different layers of security can be improved over time in line with budgets and therefore the gains can be consolidated over time.