August 12, 2015 By Vijay Dheap 2 min read

We all read the headlines — large airlines, major banks, well-known retailers and even critical government agencies being compromised by cyberattacks. Not only is that just the tip of the cybersecurity iceberg, but in many ways our attention within this sphere is diverted to just the symptoms of a much broader problem.

Cybercriminals Start Small

Consider this: Smart attackers will not start their malicious enterprise going after the big brands, let alone a guarded government entity. They will start small and attempt to take down easier targets to mitigate the risk of detection. They will learn techniques, understand linkages and perfect their trade. Small and midsize organizations that do not have the resources or the awareness of cyberthreats become the ideal training wheels for cybercriminals and organized crime rings.

Compounding this issue are all the nefarious tools pervading the Dark Web. They lower the skills barrier necessary for perpetrating cyberattacks, shorten the time for acquiring experience and increase automation to create broad attacks. To better balance the scales, we as an industry need to place greater focus on extending the reach of cybersecurity, especially security intelligence, to strengthen the collective security posture of our business ecosystems.

Cybersecurity is a sophisticated practice, and the economics are stacked up against small and midsize organizations. Smaller organizations have to perform cybersecurity assessments to evaluate their security requirements; acquire the necessary technology; establish appropriate processes and budget for staffing to operate; and manage those acquired tools effectively. As a result, cybersecurity vendors from startups to massive organizations have traditionally catered to large-scale enterprises that are able to make big investments and have some established cybersecurity practices. Cybersecurity vendors then turn to service providers to access the volume market.

Catering to Smaller Cybersecurity Environments

While service providers have always been eager to assume the role of distributors for cybersecurity vendors, there is a more prominent potential position in the value chain. Many service providers behave as an extended sales team, others deliver incremental value by providing add-on services and a few advanced ones invest in building enhancements to deliver unique offerings.

Although small and midsize organizations have increased access to cybersecurity capabilities, there are still limitations on knowledge transfer, effectiveness of implementations and the security value derived. To fully unlock the potential of the volume market, it is necessary to formulate more standardized deployments of security technology that are more easily consumable by small and midsize organizations such that they practice good security.

There’s an opportunity here for service providers: They can fundamentally transition from being mere distributors to hubs of security competencies. Through rigorous standardization of best practices, diligent accumulation of security content and investment in the development of reusable assets, service providers will be able to deliver differentiated security value and tap into greater economies of scale. Service providers that seize this opportunity become more lucrative partners for cybersecurity vendors and in turn extend the reach of best-in-class cybersecurity solutions to small and midsize organizations.

Promoting the evolution of service providers into being force multipliers of cybersecurity will enable our industry to build greater global intelligence and more successfully balance the current advantage held by malicious actors.

More from Intelligence & Analytics

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

Accelerating security outcomes with a cloud-native SIEM

5 min read - As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threats with constrained resources. This will require rethinking traditional security strategies and focusing investments on capabilities like cloud security, AI-powered defense and skills development. The path forward calls on security teams to be agile, innovative and strategic amidst the changes in technology…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today