Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

6/29/2020
10:00 AM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions

SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources.

As organizations across the country begin to emerge from their mandatory COVID-19 hibernations, the transition could be difficult for many as they continue to feel the brunt of the health crisis and its economic impact. These challenges would be exacerbated for small and midsize businesses (SMBs). Although reopenings and renewed operations offer initial hope, they're also being met with a great deal of uncertainty because many SMBs have fewer resources — in terms of capital and personnel — than they previously had.

Often overshadowed by large enterprises, SMBs are responsible for nearly 44% of economic activity in the United States, according to the US Small Business Administration. But given the current climate, it can be difficult for SMBs to find available and/or affordable resources, and they are finding themselves easy targets for cyberattacks. In response, they are looking to the cybersecurity community now more than ever for accessible cybersecurity solutions, especially considering the never-ending wave of malware, ransomware, and phishing campaigns.

What exactly should SMBs be looking for as they determine the best products and services to mitigate their cybersecurity issues and enhance their overall security postures? Here are three simple, yet effective suggestions.

Simple Pricing
First and foremost, finding free or low-cost versions of cybersecurity products or services is a must. Luckily for SMBs, many organizations have offered their solutions at discounted rates in response to the coronavirus pandemic. These security vendors are rightfully recognizing how essential it is to keep SMBs — which serve as the backbone of their local economies — up and running. By taking advantage of these discounts and forming initial business relationships with vendors, SMBs that weather the COVID-19 storm will already have the resources and relationships in place to scale their security needs once "normal" operations resume.

However, it's important to note that SMBs should look out for any fine print attached to discounted solutions regarding geographic boundaries, user threshold limits, and specific time frames. While anyone in need of enhanced security should have the ability to access such terms, this is often not the case, and SMBs should be especially wary of hidden or misleading disclaimers.

Ease of Installation and Deployment
SMBs typically employ small IT teams that often cover security as a secondary skill set, so it can be understandingly overwhelming for them to choose from among the sheer number of available security products and services. This also makes it difficult for them to understand which of the thousands of solutions on the market are the right fit for their business needs. Even if all of the details are outlined, SMB decision-makers can still struggle with simply knowing how to respond to active threats and deploying the technology. Therefore, solutions that are very simple, both in terms of installation and deployment, should be prioritized by those involved in leadership positions.

Low Maintenance and User Experience
Similarly, ongoing maintenance that does not require a dedicated IT or security team to constantly implement updates or include additional customizations should be emphasized when comparing options. Given that day-to-day users will likely not be security-savvy, having an intuitive user experience should be a key component of any security solution under consideration. Employees will want to be able to maintain their level of productivity while simultaneously staying secure. Ultimately, the balance between easy maintenance and enhanced usability is a delicate one, but SMBs shouldn't think they have to trade one for the other. 

By taking these three recommendations to heart, SMBs can improve their overall security and collectively protect the businesses that make up nearly half of our country's economy. Even better, they'll be able to keep their doors open for business to customers and keep their workers employed, while keeping both parties secure from cyber threats.

Related Articles:

 
 
 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really bad day" in cybersecurity. Click for more information and to register for this On-Demand event. 
 

Kowsik Guruswamy is CTO of Menlo Security. Previously, he was co-­founder and CTO at Mu Dynamics, which pioneered a new way to analyze networked products for security vulnerabilities. Before Mu, he was a distinguished engineer at Juniper Networks. Kowsik joined Juniper ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:25:38 PM
Security
because many SMBs have fewer resources in terms of capital and personnel than they previously had. This makes sense, fewer resources mean less allocation for security.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:27:43 PM
SMBs
current climate, it can be difficult for SMBs to find available and/or affordable resources, and they are finding themselves easy targets for cyberattacks. That makes sense, affordable security solution would help SMBs.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:29:44 PM
Skills
SMBs typically employ small IT teams that often cover security as a secondary skill set, Ok. Security skills is quite different than other IT skills and we tend to lick of it most of the time.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:31:47 PM
User experience
having an intuitive user experience should be a key component of any security solution under consideration User experience and security may collide if not implemented properly. Better be careful.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/29/2020 | 9:34:36 PM
Fine prints
However, it's important to note that SMBs should look out for any fine print attached to discounted solutions regarding geographic boundaries That is where we need to be careful, you do not want to end up with a solution that does not help.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/14/2020
Lock-Pickers Face an Uncertain Future Online
Seth Rosenblatt, Contributing Writer,  8/10/2020
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
In this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17475
PUBLISHED: 2020-08-14
Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.
CVE-2020-0255
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-10751. Reason: This candidate is a duplicate of CVE-2020-10751. Notes: All CVE users should reference CVE-2020-10751 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-14353
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-18270. Reason: This candidate is a duplicate of CVE-2017-18270. Notes: All CVE users should reference CVE-2017-18270 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-17464
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-17473
PUBLISHED: 2020-08-14
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.