SMBs Are on the Front Lines of Cyberthreats
On Feb. 21, U.S. President Joe Biden issued detailed recommendations urging organizations of all sizes to enhance their cyber defenses to protect against potential cyberattacks. Suggested actions included implementing multi-factor authentication (MFA), conducting regular cyber incident response exercises, encrypting data, and using tools that automatically scan for potential vulnerabilities. Many large organizations are likely to have already adopted some or all of these practices. Yet, many small and medium-sized businesses (SMBs) lack the robust cybersecurity capabilities of larger organizations, and therefore face considerable risks.
President Biden likewise warned that Russia could “conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners.” NATO heads of state have pledged to enhance their cyber capabilities and defenses in the face of impending cyberattacks, as well.
Threat actors are well aware of the comparatively “soft targets” that many SMBs represent. Attacking a large organization is difficult, as they are more likely to employ extensive security measures and hire world-class IT teams. However, the SMBs that perform contract work for large organizations often lack the resources to mount a similarly effective cybersecurity defense. In fact, many high-profile cybersecurity breaches succeeded by compromising smaller firms with access to larger targets. SolarWinds and Kaseya, two recent examples of a supply-chain attack, demonstrate how a smaller company can be infiltrated to ultimately attack larger targets.
The BlackBerry® 2022 Threat Report noted SMBs are at the “epicenter” of cybercriminal focus, facing upward of 11 cyberthreats per device, per day. Similar research from the U.S. Small Business Administration found “88 percent of small business owners felt their business was vulnerable to cyberattack.” The U.S. Government’s Cybersecurity and Infrastructure Security Agency (CISA) summarized the problem on its website for small business owners, stating, “Small businesses are at a higher risk of cyberattacks than larger businesses because they often have fewer resources dedicated to cybersecurity.”
Can SMBs Defend Themselves?
Fortunately, there are several actions SMBs can take to improve their cybersecurity posture and avoid being compromised. Shishir Singh, Executive Vice President and Chief Technology Officer of the BlackBerry Cybersecurity Business Unit, offers the following security advice:
Be aware of the most commonly exploited threat vectors (phishing, distribution of highly sophisticated malware, etc.) and ensure your organization is prepared for them.
Perform a comprehensive cybersecurity assessment. Take advantage of any IT “health check” services provided by your vendor.
Conduct an extensive vulnerability assessment of your environment, and ensure that partner companies with access to your resources do the same. The MITRE ATT&CK® framework, CVE database, and OWASP Top Ten list all provide valuable information on known cybersecurity vulnerabilities. Areas of the business using older software or technology should be thoroughly checked, as they often contain extensively documented – and easily exploited – vulnerabilities.
Review existing security policies and procedures. Security practices governing remote workers and unmanaged devices require close attention, as these are increasingly popular attack vectors.
Ensure all data is encrypted, including assets in the cloud.
Use multifactor authentication.
Have a disaster recovery plan in place. Be able to answer the question, “How can we restore our data if something bad were to happen to it?”
Use the Principle of Least Privilege to control access across the environment.
There are a few additional steps SMBs can take to affordably achieve stronger cybersecurity protection. Many security professionals advise adopting a Zero Trust Network Access (ZTNA) security posture. This approach to security requires users to continuously build and maintain trust with the host environment to maintain access privileges. Artificial intelligence (AI) cybersecurity tools are also being used as a “force multiplier” by threat response teams. Highly advanced cybersecurity AI can perform multiple security tasks, including predicting zero-day threats, preventing malware execution, and detecting suspicious behavior patterns. AI also aids the adoption of ZTNA by conducting continuous security posture assessment, continuous secure authentication, and extending protection from core applications to any applications.
Russia’s invasion of Ukraine has potentially elevated the cyber risks faced by SMBs, particularly those in the U.S. To keep our users safe, our prevention-first product, BlackBerry® Protect, is being provided to U.S. government and banking institution customers at no cost for six months*. BlackBerry Protect is powered by our seventh-generation Cylance® AI engine, and trained on billions of file features to predict and prevent attacks before they execute. BlackBerry has additional programs to assist companies currently using Kaspersky Anti-Virus who wish to migrate to another platform. For more information on this offer, or to learn more about BlackBerry’s award-winning cybersecurity solutions, visit BlackBerry.com.
*Offer available for a limited time to eligible U.S. government and financial institution customers only. Contact us for details.