More remote and mobile working, BYOD and increased network activity won’t deter cyber criminals, or change the way our network users behave.
SMB’s face same threats and have the same responsibilities as the big guys, but have fewer resources, time and budgets to respond to the ever changing landscape
Although most businesses will have a level of cyber security and may genuinely believe they’ve got it covered, most can’t see what’s happening on their network. This leads to the obvious conclusion - you can’t protect what you can’t see.
Visibility is of primary importance in the fight against any security breach and, if you’re unable to see what’s going on, then you need to take steps to do so.
Over 50% of IT leaders don’t know if their cyber security is working
Source: Ponemon Institute
But for smaller businesses, it’s not as easy as it sounds.
They face the same threats and have the same responsibilities, but few have the skills, time or the budgets to implement sophisticated SOC’s to track network activity. So here we look at some of the options open to SMB's.
There's a whole new breed of cloud based security technologies that give greater network visibility and threat management. We looked at three key criteria - level of security offered, affordability, and capability within our checklist criteria.
Fundamentally, products and services need to offer
- Network Visibility – our primary objective, so we could see the blind spots where attackers can hide
- Policy Assurance – to make sure all network security rules are not being violated
- Threat Detection – finding the anomalies and threats behind the firewall
If a product doesn’t meet these standards, don’t buy it.
Just as important as standards, are affordability and ease of implementation. There’s no point in considering a product, however good, if you can’t afford it or if the implementation and management are too complex.
Capability is the third critical factor for SMB’s. The the continuing changes in the threat landscape are difficult to keep on top of, even in well staffed large enterprises – just look at the number of breaches affecting big businesses.
Which leads us on to another option becoming more attractive to SMB’s - managed security services. Specialists take responsibility for all security issues, including the sourcing and implementation of the right technologies, continual monitoring and issue resolution when the inevitable occurs, leaving IT teams to be in control and at the strategic heart of their business.
New technologies have made these managed security services even more attractive, providing all the benefits of a full blown SOC in a "virtual" SOC, combining cloud-based SOC services within a fully managed resource.
These new services offer a lot, with benefits including:
- Automatically identify assets on your network and prioritising layered security zones
- Receive Smart Alerts - prioritised event notifications, on suspicious network activity
- Gain visibility of your network threat landscape and respond quickly to malicious insiders or motivated attackers
- Detect network anomalies using scalable AI that continuously learn while monitoring your network activity using existing firewalls and without additional people or software
- Creating comprehensive reports on threats, assets and network behaviour.
So what are your options?
There’s great technology out there that will give you all the benefits of a SOC without the price tag. Make sure they do what you need, with visibility the most important factor.
Do your research, as some newer products do the same as their older competitors for 1/3 of the price.
If you don’t have the bandwidth, consider a managed services – with the new VOSC products, you’ll get the best of both worlds.