Why SMBs Can’t Overlook Security
Globalization, the increasing speed of transactions, enhancing productivity and reducing costs with aggressive delivery models such as the cloud — these are the innovations and challenges that small and midsize businesses (SMBs) must address. Doing so with a singular focus on ROI, however, often results in exposing SMBs to greater security risk.
Unfortunately, it is a common misconception that the threat of targeted cyberattacks is unique to large enterprises. Small businesses are at equal risk, and the consequences can be much more severe. While any business that has been the victim of an attack will suffer some degree of reputational harm, the damage incurred by a sophisticated, targeted attack could sink an SMB. Security, then, should be top-of-mind for smaller businesses.
A Security Strategy for SMBs
Security investments should always have specific goals. For SMBs, the goal should be the ability to prevent attacks, identify attacks and respond to attacks. While there are different technologies available on the market today that should be able to do this, they are often poorly integrated and difficult to manage; thus, they do not guarantee a real defense. What businesses need is an integrated approach to security.
Following an attack through its entire life cycle — from prevention and detection to response — is the goal of the IBM Threat Protection System, which consists of software components, hardware and services, and provides an integrated solution designed to combat cyberthreats. Below is a quick analysis of the various phases of an attack and the components of the IBM Threat Protection System involved.
This is the most important area. As attacks become more sophisticated, they are taking longer to implement from beginning to end. One the one hand, if an attack isn’t caught and prevented in time, the consequences could be more severe; but on the other hand, it gives an organization’s security team more time to intercept signals and intervene — if they have the right tools available.
For example, IBM Trusteer Apex blocks the process of installing malware, while IBM Security Network Protection interrupts the malware’s life cycle by identifying and blocking suspicious traffic.
Attacks are often tailored to a specific target enterprise. In these cases, the attackers are well aware of the security technologies being used by the target; they have all the elements they need to hide themselves and the attack, which gives them an immediate advantage. The only effective way for enterprises to defend themselves is to understand the interrelation of the various components used in the attack. Using sophisticated techniques of analysis on a wide set of data and network traffic, the IBM QRadar Security Intelligence Platform — part of the IBM Threat Protection System — is able to identify these types of attacks via red flags such as traffic spikes in off hours or repeated attempts to log in.
Respond to Attacks
The variety and sheer number of attacks suggest that no business, regardless of size, should ever consider itself immune. If an attack is executed to completion, the ability to contain its impact is extremely important. This implies the need to respond with urgency once the incident is identified and reported. IBM Emergency Response Services provide guidance and support in the management of a security incident and the resulting fallout.
For SMBs, every customer, every recommendation, every dollar counts. With a comprehensive security strategy and a smart, targeted investment in integrated security technologies, you can ensure your growing business won’t be stopped in its tracks by cybercriminals.