As covered in our previous blog post, “Are You Prepared for the Evolution of Cyberthreats?,” cybercriminals leverage a variety of tactics to profit from exploiting small and midsize enterprises (SMEs). But are SMEs evolving their cybersecurity efforts to detect and respond to this new evolution of cyberthreats?
Based on trends from the past few years, the answer appears to be “no.”
“Why do hackers continue to be so successful against SMEs?”
According to Ponemon Institute’s 2017 State of Cybersecurity in Small & Medium-Sized Businesses, 61 percent of respondents experienced a cyberattack in 2017, up from 55 percent in 2016. This upward trajectory in attack volume and frequency against SMEs is not new. In January 2016, The New York Times published an article titled “No Business is Too Small to be Hacked.” Last year, Congress addressed what CNBC called “cyberwar on small businesses” after 14 million small businesses were breached in a 12-month time span.
This raises another question: Why do hackers continue to be so successful against SMEs?
The answer is in the Definitive Guide to SOC-as-a-Service. And while there are a number of variables at play, one of them, as discussed in Chapter 2 of the guide, is an over-reliance on point solutions.
Why Are Point Products Inadequate?
Cybersecurity point products focus predominantly on prevention. The purpose of a next-generation firewall, for example, is to prevent the flow of malicious web traffic in and out of the network. An endpoint protection platform (EPP) solution performs a similar function by blocking known threats affecting endpoints.
One problem with point solutions is that, while they might protect at the edge of the perimeter, they don’t improve detection of threats after they have breached the network perimeter. Other issues include a lack of central management for the variety of tools (the much desired single pane of glass), a lack of threat intelligence (another point product provides this) to help with incident response, and so on.
To learn more about the different types or point products and why they struggle to improve SME security posture alone, download the “Definitive Guide to SOC-as-a-Service” below.