Small organizations still face a long list of threats to security. These threats and vulnerabilities should take precedence.
Increasingly, cyber criminals are targeting smaller organisations. This makes small and medium-sized enterprises (SMBs) hard to find. They are also working with smaller budgets and staff constraints in the face of a long list of cyber threats, both of which can lead to poor security decisions.
Over the last year, Alert Logic noted that attacks and changes in attack methods affecting SMBs have been steadily increasing. From November 2018 to April 2019, an analysis of 5,000 attacks per day across its customer base reflected a number of ways in which small companies remain exposed. SMBs typically invest less in security programmes, depending on the industry, says Jack Danahy, senior security vice chairman at Alert Logic. Their weak spots can jeopardize them.
“It is more likely that an attack focused at an older, unpatched vulnerability, or a relatively simple phishing attack, will find more success at these smaller organizations,” he explains. “So from my perspective, attackers are focusing on what they perceive as softer targets.” Danahy also says that he “has no doubt” that he has a greater level of public assault on small companies.
As George Anderson, Webroot Marketing Director, notes, some threats that SMBs face today differ from those they faced just a few years ago.
“I think the changes have been very dramatic,” he notes. As an example, he points to nation-state actors now targeting data SMBs hold. “That wasn’t very common four to five years ago,” Anderson explains, but since it was first seen back in 2016, activity has begun to rise.
Small companies must be able to maximize their limited security resources. To do this, the threats and vulnerabilities that put them at the greatest risk have to be well versed. Although it is possible to have the same safety as large companies, different steps have to be taken. Reading on threats to SMBs can help inform policies and procedures to be implemented.
Here, we describe the attacks that SMBs should be aware of and risk the vulnerabilities. Have we missed something? Feel free to add comments to your thoughts.