Cyber criminals are increasingly targeting small and medium sized businesses (SMBs) in the belief that they have not invested in the security technology required to thwart attacks. In fact, 43% of cyberattacks are aimed at SMBs. Cybercriminals are rational, profit-driven and highly organised: they know that attacking easy targets can result in a bigger aggregate pay-day.
For either large or small organisations: there’s simply no alternative to sustained investment in cyber defences. The reputational damage and financial losses that can result from an attacks and breaches mean that managers need to shift perspective and realise that the costs involved are “more than a technology investment”, according to analyst firm IDC.
Investing in cyber defence, IDC suggests, should be “part of the company’s mindset and culture”.
The study adds: “Over the past few years, we've witnessed many SMBs increasing their cybersecurity capabilities, particularly due to the shift to hybrid and remote work.”
Meanwhile, the threat landscape will continue to change as attackers uncover new vulnerabilities. Adding remote working and cloud-based software into the mix potentially makes the job of protecting assets more challenging.
Companies will continue to outgrow solutions that previously seemed appropriate. Cybersecurity will still have to contend other priorities as IT teams struggle to work through a lengthy list of maintenance and support requests.
SMBs need to break down the job of cyber defence into two areas. First, there’s a need to minimise existing vulnerabilities by applying patches and upgrades before vulnerabilities can be exploited.
Next, business managers need to identify where existing protections need improvement. Here are four key areas where it’s critical to be running countermeasures that keep pace with known and emerging threats:
- Firewall and DNS protection: these traffic-blocking tools are your initial lines of defence against cyberattacks. Cisco offers high quality firewall and DNS protection across its range of security solutions, including Meraki and Umbrella.
- Multi-factor identification: verify every device that tries to access your applications using security solutions like Cisco Duo (a high specification access management tool).
- Single Sign-On (SSO): allowing employees to use a single set of credentials to log into all applications means they no longer have to recall multiple passwords, some of which inevitably get recorded in insecure ways. SSO also simplifies the job of ensuring that ex-employees no longer have access to your systems (a significant source of cyber vulnerability). Check out the SSO functionality offered by Cisco Duo.
- Endpoint Protection and Virtual Private Networks (VPNs): these solutions allow remote employees to establish secure connections with the office-based network. Cisco offers multiple ways to run VPNs and endpoint protection, including through its Secure Endpoint product.
Cisco helps businesses secure themselves against rapidly evolving cyber threats. Our products and services for SMBs offer best-in-class threat protection, market-leading performance and highly competitive pricing. Define your priorities and learn which solutions suit your business by using our Product Selector.