Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

6/29/2020
10:00 AM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions

SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources.

As organizations across the country begin to emerge from their mandatory COVID-19 hibernations, the transition could be difficult for many as they continue to feel the brunt of the health crisis and its economic impact. These challenges would be exacerbated for small and midsize businesses (SMBs). Although reopenings and renewed operations offer initial hope, they're also being met with a great deal of uncertainty because many SMBs have fewer resources — in terms of capital and personnel — than they previously had.

Often overshadowed by large enterprises, SMBs are responsible for nearly 44% of economic activity in the United States, according to the US Small Business Administration. But given the current climate, it can be difficult for SMBs to find available and/or affordable resources, and they are finding themselves easy targets for cyberattacks. In response, they are looking to the cybersecurity community now more than ever for accessible cybersecurity solutions, especially considering the never-ending wave of malware, ransomware, and phishing campaigns.

What exactly should SMBs be looking for as they determine the best products and services to mitigate their cybersecurity issues and enhance their overall security postures? Here are three simple, yet effective suggestions.

Simple Pricing
First and foremost, finding free or low-cost versions of cybersecurity products or services is a must. Luckily for SMBs, many organizations have offered their solutions at discounted rates in response to the coronavirus pandemic. These security vendors are rightfully recognizing how essential it is to keep SMBs — which serve as the backbone of their local economies — up and running. By taking advantage of these discounts and forming initial business relationships with vendors, SMBs that weather the COVID-19 storm will already have the resources and relationships in place to scale their security needs once "normal" operations resume.

However, it's important to note that SMBs should look out for any fine print attached to discounted solutions regarding geographic boundaries, user threshold limits, and specific time frames. While anyone in need of enhanced security should have the ability to access such terms, this is often not the case, and SMBs should be especially wary of hidden or misleading disclaimers.

Ease of Installation and Deployment
SMBs typically employ small IT teams that often cover security as a secondary skill set, so it can be understandingly overwhelming for them to choose from among the sheer number of available security products and services. This also makes it difficult for them to understand which of the thousands of solutions on the market are the right fit for their business needs. Even if all of the details are outlined, SMB decision-makers can still struggle with simply knowing how to respond to active threats and deploying the technology. Therefore, solutions that are very simple, both in terms of installation and deployment, should be prioritized by those involved in leadership positions.

Low Maintenance and User Experience
Similarly, ongoing maintenance that does not require a dedicated IT or security team to constantly implement updates or include additional customizations should be emphasized when comparing options. Given that day-to-day users will likely not be security-savvy, having an intuitive user experience should be a key component of any security solution under consideration. Employees will want to be able to maintain their level of productivity while simultaneously staying secure. Ultimately, the balance between easy maintenance and enhanced usability is a delicate one, but SMBs shouldn't think they have to trade one for the other. 

By taking these three recommendations to heart, SMBs can improve their overall security and collectively protect the businesses that make up nearly half of our country's economy. Even better, they'll be able to keep their doors open for business to customers and keep their workers employed, while keeping both parties secure from cyber threats.

Related Articles:

 
 
 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really bad day" in cybersecurity. Click for more information and to register for this On-Demand event. 
 

Kowsik Guruswamy is CTO of Menlo Security. Previously, he was co-­founder and CTO at Mu Dynamics, which pioneered a new way to analyze networked products for security vulnerabilities. Before Mu, he was a distinguished engineer at Juniper Networks. Kowsik joined Juniper ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:34:36 PM
Fine prints
However, it's important to note that SMBs should look out for any fine print attached to discounted solutions regarding geographic boundaries That is where we need to be careful, you do not want to end up with a solution that does not help.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:31:47 PM
User experience
having an intuitive user experience should be a key component of any security solution under consideration User experience and security may collide if not implemented properly. Better be careful.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:29:44 PM
Skills
SMBs typically employ small IT teams that often cover security as a secondary skill set, Ok. Security skills is quite different than other IT skills and we tend to lick of it most of the time.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:27:43 PM
SMBs
current climate, it can be difficult for SMBs to find available and/or affordable resources, and they are finding themselves easy targets for cyberattacks. That makes sense, affordable security solution would help SMBs.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:25:38 PM
Security
because many SMBs have fewer resources in terms of capital and personnel than they previously had. This makes sense, fewer resources mean less allocation for security.
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21070
PUBLISHED: 2021-04-19
Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges.
CVE-2020-7851
PUBLISHED: 2021-04-19
Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the internal method. A remote attacker could induce a user to access a crafted web page, causing damage...
CVE-2021-29399
PUBLISHED: 2021-04-19
XMB is vulnerable to cross-site scripting (XSS) due to inadequate filtering of BBCode input. This bug affects all versions of XMB. All XMB installations must be updated to versions 1.9.12.03 or 1.9.11.16.
CVE-2021-23381
PUBLISHED: 2021-04-18
This affects all versions of package killing. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
CVE-2021-23374
PUBLISHED: 2021-04-18
This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.