There’s a common saying in the world of cybersecurity: It’s not a matter of “if,” but “when” a security incident will rear its ugly head. Businesses constantly have to deal with phishing, malware, insider threats, and newly discovered vulnerabilities. To reduce risk and adequately protect against cyber threats, organizations need to employ a multi-layered security strategy that protects corporate networks, devices, and data. But this is no simple task for IT departments.
A recent study by Spiceworks.com who surveyed 500 IT decision makers found the following findings:
The number of cybersecurity incidents businesses face continues to grow. In 2018, the U.S. Federal Bureau of Investigations (FBI) received more than 350,000 complaints of internet crimes, up 23% in five years. However, losses from these crimes increased more than threefold in the same time period, rising from $800 million in 2014 to $2.7 billion in 2018.
The biggest vulnerability continues to be "Human Error" with data breaches involving anything from programming errors to sending data to incorrect email addresses or simply clicking on an email they shouldn't.
A growing concern is criminal activity inside your organization such as fraud. When you have a small business its often challenging to put the processes in place to prevent data theft or financial fraud.
Unsecured endpoints are the next vulnerability from employees using smartphones, tablets and other devices to connect to your network. With so many devices coming from unsecure networks its relatively simple for cyber criminals to use them to infiltrate your network.
Inadequate data backup is another issue for businesses. Many things can happen to your data whether from fire or other natural disaster destroying servers or a network breach that wipes our your cloud storage. You need to make sure all your data is backed up and can be restored easily after an incident.
Lastly is subpar IT management which can be an issue for many small businesses who simply due to lack of funding and knowledge cant afford to hire an experienced in-house IT manager.
Now that we've identified some of the vulnerabilities lets look at some cost effective solutions to remedy them.
Intrusion Detection
The most common managed solution as a service is endpoint security and threat protection. Within the next two years use of intrusion detection and prevention solutions such as DDOS are expect to grow. 12% are using it today and another 23% are expected to be using it by 2021.
Endpoint Security
As employees increasingly work at home, in cafes, in co-working spaces, and while traveling, it’s now more important to protect individual devices when they leave the relatively-safe confines of the corporate network. To get a snapshot of how businesses are protecting endpoint devices, we examined which endpoint security providers are on the rise and how satisfied businesses are with their solutions.
According to the survey we alluded to earlier, the following endpoint security technologies and capabilities are expected:
Among endpoint security providers, the data shows Malwarebytes and Sophos are the most commonly used across all company sizes, but it’s worth noting the vast majority (93%) of Malwarebytes customers use their product in conjunction with another endpoint solution.
The data indicates Symantec, Webroot, Trend Micro, Bitdefender, and ESET are also among the top endpoint security providers. Other notable players not charted below include McAfee and Palo Alto Networks with 8% adoption each, and Kaspersky and Avast with 6% adoption each.
Network Security
Security solutions offering protection at the network layer can help stop security threats attempting to penetrate corporate networks. Network firewalls have been used to block ports at the network perimeter, but in recent years, newer types of network security devices have gained additional functionality including packet inspection, content filtering, spam filtering, and more. An in expensive way for small businesses to keep up is with a managed firewall solution where access to a higher end more complete protection such as Checkpoint or Fortinet can be had without a large capital outlay.
With the sheer volume of emails, messages, and other data travelling across corporate networks, it’s challenging for IT professionals equipped with traditional defenses to keep an eye out for ever increasing dangers. Many of the new "as a service" solutions employ artificial intelligence to make your network more secure against more types of attacks.
Download our free Network Security tips Ebook.