informa
Slideshow

7 Big Factors Putting Small Businesses At Risk

Small organizations still face a long list of security threats. These threats and vulnerabilities should be top of mind.
Big Attacks Prey On Weak Targets
Island Hopping: Not as Fun as It Sounds
The Problem with Patching
Personalized Phishing Campaigns
Unsupported Versions of Windows
Configuration Challenges
An Ongoing Search for Expertise
1/7

Cybercriminals are increasingly taking aim at smaller organizations. This puts small and midsize businesses (SMBs) in a tough spot. Faced with a long list of cyberthreats, they also are operating with smaller budgets and staff constraints, both of which can lead them to make poor security decisions.

Over the past year, Alert Logic has observed a "steady increase" in attacks and changes in attack methods affecting SMBs. An analysis of 5,000 attacks per day across its customer base from November 2018 to April 2019 reflected a variety of ways small businesses leave themselves exposed. Depending on the industry, SMBs typically invest less in security programs, says Jack Danahy, senior vice president of security at Alert Logic. Their weak spots can put them at risk.

"It is more likely that an attack focused at an older, unpatched vulnerability, or a relatively simple phishing attack, will find more success at these smaller organizations," he explains. "So from my perspective, attackers are focusing on what they perceive as softer targets." Danahy also says he has "no doubt" of a higher level of successful public attacks on smaller businesses.

As George Anderson, product marketing director at Webroot, points out, some of the threats SMBs face today are different from the security challenges they faced just a few years ago.

"I think the changes have been very dramatic," he notes. As an example, he points to nation-state actors now targeting data SMBs hold. "That wasn't very common four to five years ago," Anderson explains, but activity has started to ramp up since it was first spotted back in 2016.

It's imperative small businesses know how to maximize their limited security resources. To do so, they must be well-versed in the threats and vulnerabilities putting them at greatest risk. While it's possible to have the same security as large firms, different steps need to be made. Reading up on SMB threats can help inform policies and procedures they should put in place.

Here, we outline the attacks SMBs should be aware of and the vulnerabilities putting them at risk. Did we miss anything? Feel free to add your thoughts in the comments.

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "5 Ways to Improve the Patching Process."

 
Next slide
Recommended Reading: