Cyber attacks may cause more damage than you think, cyber criminals can steal customers data, financial data, Reports and other confidential information. SMBs are the easy target of cyber criminals because they have plenty of data with basic security system. SMBs cybersecurity is big concern nowadays, Cyber attacks is threat to all level of organizations and totally unexpected. To understand the importance of cyber security and why SMBs should adopts adequate cyber security solution – I am in discussion with Regional Vice President, India & SAARC at Fortinet, Mr. Rajesh Maurya.
Discussion with Rajesh Maurya
Question: Nowadays cybersecurity is a big concern for every organization, How few of them fail to follow basic cybersecurity standard?
Rajesh Maurya: As mobility and digital transformation demands have made business networks more accessible than ever, cyber attacks are also becoming more frequent and sophisticated, taking advantage of the expanded attack surface. As a result, Any organization’s employee including SMBs can unwittingly cause severe damage to a business due to a lack of cybersecurity awareness. A compromised device or an unreliable remote connection can leave your network vulnerable.
To minimize risk especially as connectivity and digital resources become more intertwined, organizations need to promote security hygiene best practices that will minimize risk, data leakage, and non-compliance while still allowing for operational flexibility and efficiency.
All businesses, regardless of size, should have an incident response and recovery plan in place to minimize downtime in the event of an attack. Make sure you and all other employees are aware of this plan so there are no questions about the next steps during an attack. This includes having a hotline so employees know who to contact if they suspect there has been a breach.
Having a streamlined plan combined with a staff that are all on the same page will allow you and your business to quickly stop an attack from spreading throughout the network, reduce dwell time, minimize the exfiltration of data, and get everyone back online faster.
Question: What are the major challenges for organizations specially SMBs adopting cybersecurity solutions?
Rajesh Maurya: Digital transformation requires an equivalent security transformation to protect business from today’s cyber threats. This requires shifting from point security products, manual security management, and reactive security to a strategy one where different security elements are integrated into a single system, security flows and covers multiple network ecosystems, threat-intelligence is centrally collected and correlated, and threat detection and response is automated.
As the speed of threats rapidly increases, the time windows for prevention, detection, and remediation continue to shrink. Rapid response times are crucial, which makes the implementation of truly expansive and integrated security automation essential, from data collection to coordinated responses to threats.
At the same time organizations are facing challenges figuring out how to inspect and secure the growing volume of encrypted traffic, battling the persistence of botnets, and addressing new malware trends such as cryptojacking.
Getting out of the trap of cybersecurity brinksmanship requires organizations including SMBs to rethink their security strategies. This starts with a cohesive security fabric that can gather and share threat intelligence, perform logistical and behavioural analysis, and tie information back into a system to pre-empt criminal intent.
Question: What is the unknown biggest threat cybersecurity is carrying?
Rajesh Maurya: The number of vulnerabilities available to cyber criminals continues to accelerate. But according to one recent report, of the over 100,000 vulnerabilities published to the CVE list, less than 6 percent were actually exploited in the wild. The challenge is that predicting which vulnerability will be targeted next, and which exploit will be used, requires advanced strategies, such as leveraging telemetry data to perform predictive analysis, that many organizations do not have in place.
There’s an even larger treasure trove of potential vulnerabilities hidden from view that defenders haven’t even begun to take into consideration as part of their security strategy. Countless vulnerabilities exist inside software and hardware, particularly in the area of IoT, waiting to be discovered and exploited by cyber criminals.
Fortunately, cyber criminals have not yet figured out how to extract those zero-day vulnerabilities from existing software except in the most rudimentary ways. But that is about to change. As malicious actors begin to incorporate AI and machine learning (ML) into their exploit models, zero-day vulnerabilities and exploits will explode, and the threat landscape will be completely transformed.
Attack campaigns targeting multiple zero-day vulnerabilities will be able to spin up at any instant, and cyber criminals will begin integrating more and more zero-day exploits into attack kits.
Question: IoT is advancing SMBs but also carrying cybersecurity threats with it, what are the precautions to follow to secure devices?
Rajesh Maurya: The biggest challenges customers face when securing IoT devices is that they often remain uncontrolled, even within a network. They might be employee-owned as a part of a BYOD policy, headless devices under the responsibility of the operational technology team, or consumer devices connecting to the network. With so many sources and no unified view, it’s easy for security teams to lose track of these devices.
And in the case of consumer and employee devices, it’s impossible to enforce regular updates or patches, and this challenge is compounded by the fact that most IoT devices were not designed with security in mind. It’s no wonder that IoT devices have become a growing entry point for malware and network breaches.
To overcome these problems, your customers’ security teams need to identify and learn about each device connected to the network, including the level of risk each device carries. NAC controls visibility into every device across the entire distributed network. NAC then uses advanced tools and techniques to provide a detailed inventory of the devices on the network. Agentless scanning detects and classifies all IoT devices, including headless devices.
Automated onboarding allows your customers to onboard large numbers of endpoints, users, and guests. And device profiling uses behavioral information for the level of access permitted for a device.
Fortinet’s NAC Solution offers unified visibility into connected devices across your distributed networks. Such integration ensures optimal protection even as the volume of IoT devices connected to the networks expands. In this integrated security environment, other security tools can then seamlessly leverage NAC event data to better identify other compromised devices for pre-emptive action.
Question: Some organizations are overly confident about their cybersecurity, What type of organizations are main target of cyber threats?
Rajesh Maurya: SMB customers’ concerns regarding cyber attacks are warranted, especially as Verizon’s 2018 Data Breach Investigations Report found that 58 percent of all breaches in the past year occurred at small businesses – exceeding those at large corporations. Cyber criminals have zeroed on these organizations as a focus area for three key reasons.
1. They have data
It’s easy for organizations, SMBs to think they will not be targeted with a cyber attack because of their size, especially considering most breaches in headlines are at large corporations. However, this is not the case. Many of your SMB customers store data that is just as valuable to cyber criminals as that of larger companies – be it payment information, healthcare records, or other personally identifiable information. Having this information makes SMBs viable targets for cybersecurity attack. Furthermore, because this data is so critical to operations, smaller businesses are more likely to pay a ransom to get this information back in the event of a ransomware attack.
2. They have less protection and resources
Not only do these organizations have much of the same valuable information as larger companies, but they typically have fewer security controls in place, or might be relying on legacy systems that are no longer supported with regular updates, or that cannot share threat intelligence in order to identify and respond to threats at the digital speeds today’s attacks require. Part of the reason is that SMBs do not have the same level of resources and expertise to devote to securing their network from cybersecurity attacks as enterprises. While larger enterprises can hire full teams to support cybersecurity initiatives, SMBs simply lack the budget. This makes it easier for cyber criminals to bypass more basic controls to gain access to their networks.
3. They have less training
Finally, these organizations often do not have the same level of training or awareness of cyber risks. For example, only 40 percent of SMBs have formal protocols in place in the event of a breach and 42 percent are unsure which cybersecurity measures they should have in place for cloud use. While larger enterprises may have security professionals who can provide this insight, the cybersecurity skills gap has priced many smaller companies out of this possibility.
Fortinet offers a variety of cybersecurity solutions that are specifically designed for SMBs and their main concerns of losing consumer data, losing consumer trust, suffering reputational damage, and being out of compliance with regulatory standards due to a successful cyberattack—and with the best price/performance and functionality value in the market.
Question: Any advice you would like to share with SMBs owners on cybersecurity importance and solution?
Rajesh Maurya: SMB customers are increasing their daily use of technology in order to innovate, increase speed to market and remain competitive. Technology use allows these customers to expand their business reach and capabilities into new regions where budget or staffing restrictions may not have previously allowed. Software now facilitates sales and marketing initiatives, communication, and productivity. In particular SMBs customers are investing in the cloud and cloud-based applications due to their scalability, lower upfront infrastructure costs, and support of a mobile workforce and customer base.
While these investments in technology bring many benefits to SMBs, they are not without risk. Adding these solutions to the stack increases the attack surface at a time when cyber attacks are becoming faster, more sophisticated, and persistent. For SMB customers, a cyberattack is a high-stakes situation, as reports show that 60 percent of small businesses close within six months of a breach.
As organizations add technical capabilities, they have to be aware of—and take steps to mitigate—threats such as ransomware, DDoS attacks, malware, phishing, insider threats, and more. SMBs leaders are aware of these risks, and are taking steps to invest further in security and minimize their susceptibility to cybersecurity attacks, with 25 percent of small businesses and 62 percent of mid-market businesses noting intentions to increase their cybersecurity budgets. The challenge is, where is the most effective place to invest those limited security dollars?
Fortinet’s Unified Threat Management solutions provides security across an organization’s entire network while simplifying management through deep functional integration and single pane of glass visibility. Fortinet also offers cloud management and reporting, secure switches, and access points that have all been designed with functionality, interoperability, and security in mind. Having a centralized view of network activity removes strain from limited personnel, while the integration of powerful yet cost-effective switches, wireless access points, and endpoint security controls stretch across the entire network, enabling them to work together as a single security fabric to detect and mitigate even the most sophisticated threats.
Fortinet partners are trained to determine a business’s security needs based on the answers to a few simple questions, such as the number of employees in the organization, how many devices each employee connects the network, and what sorts of applications and cloud services they are running.
Question: What are the main reason, SMBs struggle to implement adequate cybersecurity solution?
Rajesh Maurya: Many companies, especially in the SMBs space, do not have dedicated IT and cybersecurity teams. This means technical resources are strained when it comes to selecting, deploying, implementing, and securing infrastructure.
For organizations that do not have devoted IT and security teams, the process of evaluating the components of their distributed network, determining where security risks exist, prioritizing those risks, and then selecting and deploying the appropriate tools to mitigate those risks is daunting. Without a proper understanding of where their network is weakest, it is likely that these SMB organizations will end up deploying a patchwork of isolated point solutions.
While deploying security tools across each potential entryway has the right intention, the lack of integration can actually reduce visibility and leave gaps in security.
When it comes to security management even large organizations that have devoted IT and security teams still have difficulty monitoring the network to keep track of which devices are connected, who has access to data, where that data is stored, and what resources applications and workflows need to access—in addition to responding to security events. For SMBs, managing all of this with limited IT resources is nearly impossible.
SMBS can look at MSSPs who can help them to leverage threat assessments, provide expertise, streamline onboarding, and help in centralization and management to reduce the complexity of the process and help enhance their security posture to grow their business.
Read More: How Multi-Source Security Analytics Creates a Paradigm Shift in Enterprise Cyber Security