Following the news of a recent Webroot report titled “Size Does Matter”, which highlights SMBs’ perception of cybersecurity risks, Paul Norris, Senior Systems Engineer for EMEA at Tripwire, gives his take on how SMBs can protect themselves.
Paul Norris, Senior Systems Engineer for EMEA at Tripwire:
“SMBs used to feel safer from the threat of cyberattacks because they failed to see the potential value of their digital assets. Recently, criminals have figured out that through the weaker security layers of smaller contractors, they could not only obtain sensitive information, but they could also gain access to the networks of larger enterprises. Fortunately, awareness is increasing, and the fact that SMBs are worrying about the state of their cybersecurity is encouraging, because it means that they are taking steps to protect themselves.
The best way in which SMBs can manage the risk coming from cyber threats is, first and foremost, employee training. In our experience, preparing the workforce on the best security practices goes a long way in protecting the infrastructure from evitable breaches, such as those caused by malicious links delivered via phishing emails. Humans are still the weakest link in SMBs security systems: often without a malicious intent, employees can make mistakes, compromise their passwords, or abuse privilege access, thus harming the security layers.
Additionally, since SMBs sometimes don’t have a dedicated cybersecurity team, investing in solid foundational controls can help with the identification of threats and vulnerabilities by continuously monitoring the security of their systems.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.