The threats and risks associated with cybersecurity are continuously evolving.
For small and medium-sized businesses (SMBs), the challenges can be greater still due to limits on resources and expertise, alongside issues as diverse as outdated software and patching, speed and complexity of change, talent and skills gaps, compliance requirements, lack of IT infrastructure visibility and disconnected data sources – the list goes on!
And this is a risk sector that is growing just as fast as SMBs continue to matter ever more to our global and national economies. This is evidenced across multiple cybersecurity practitioner studies, with the Data Breach Investigations Report of 2022 (research by Verizon) finding over 75% of cyber-security incidents occurred at SMBs, up from 55%. Additionally, the recent "State of IT Security for SMBs in 2022-2023" report by Devolutions identified ransomware (81%), phishing (69%) and malware (38%) as leading concerns – but equally revealed a key juxtaposition too.
Whilst an eye-watering 60% of SMBs experienced at least 1 cyberattack in the previous year, an alarmingly low 18% of SMBs reported checking all key IT security areas imperative to protect against cyberattacks, which are only increasing in scope, sophistication and scale, and further still, some 13% reported NOT implementing ANY essential IT security measures. This highlights an overriding priority – moving beyond heightened cybersecurity awareness and SMBs' experience of impacts – to preventing security issues from causing business disruption. Let's turn now to the 'whys' and 'hows' of addressing this!
Compared to larger enterprises, SMBs typically experience a unique or more complex set of cybersecurity challenges. Some of the most notable include:
⚙️Limited Budgets: Most SMBs operate with limited financial resources, which means that they might not be able to invest heavily in state-of-the-art cybersecurity tools and solutions.
⚙️Lack of Expertise: SMBs might not have dedicated IT or cybersecurity staff, making it hard to stay updated on the latest threats and best practices.
⚙️Underestimation of Threats: Many SMBs mistakenly believe that they are not targets for cyberattacks due to their smaller size, but in reality, many cybercriminals target SMBs precisely because they tend to have weaker defences.
⚙️Resource Constraints: Beyond financial constraints, SMBs might lack the necessary human resources or technical infrastructure to implement robust cybersecurity measures.
⚙️Legacy Systems: Due to budget and resource constraints, SMBs might be using outdated hardware and software that are more vulnerable to security breaches.
⚙️Lack of Policies and Training: SMBs might not have formal cybersecurity policies or regular employee training in place, leading to employees being unaware of best practices and potential risks. This includes simulation exercises around threats and roles in that context.
⚙️Supply Chain Vulnerabilities: If an SMB is part of a larger supply chain, a cyberattack targeting the SMB might be intended to breach a larger enterprise via the SMB's weaker security.
⚙️BYOD (Bring Your Own Device) Risks: Without a strict IT policy, employees might use personal devices for business purposes, which may not have the same security controls as company-provided devices.
⚙️Rapid Growth Challenges: If an SMB experiences rapid growth, they might onboard new technologies and employees quickly without adequately considering security implications.
⚙️Recovery Limitations: In the event of a cyber incident, SMBs might not have a comprehensive backup and recovery strategy, making it harder to restore operations to a pre-attack state.
⚙️Physical Security Oversights: SMBs might focus heavily on digital threats and overlook physical security, for example securing server rooms or disposing of old hardware safely.
⚙️Move to Cloud: As SMBs increasingly migrate to the cloud for scalability, flexibility, and cost savings, they also face unique cybersecurity challenges alongside the opportunities cloud catalyses – let’s explore this now in more detail!
SMBs, given their limited resources and the challenges described above as compared to larger corporations, need to be particularly vigilant about cloud cybersecurity. By following best practices and being proactive, they can significantly mitigate risks and make the very most of cloud technologies and all they enable across scale, flexibility, cost and ultimately – innovation and growth. Cloud data security allows you to securely manage your most important data offsite without the cost of on-premises servers. Here are some of my personal best practice reflections and considerations for SMBs in relation to cloud cybersecurity!
✅Cloud Provider Selection: Not all cloud providers offer the same level of security. Before selecting a provider, review their security certifications, compliance standards, and any independent audit reports. Ensure they match your business's specific needs.
✅Data Encryption: Always encrypt sensitive data both at rest and in transit. Many cloud providers offer encryption services as part of their offerings. Use strong encryption standards and manage encryption keys securely.
✅Multi-factor Authentication (MFA): MFA adds an additional layer of security by requiring two or more verification methods. It's a simple yet effective way to thwart unauthorized access.
✅Regular Backups: Ensure that you have a robust backup system in place. This not only helps in case of a cyberattack but also in situations like data corruption or accidental deletion.
✅Educate Employees: Many breaches occur due to employee negligence or ignorance. Conduct regular training sessions on best practices, phishing awareness, and secure use of cloud applications.
✅Access Controls: Use the principle of least privilege (PoLP). Only grant access to data and applications that a user needs to perform their job. Regularly review and update permissions.
✅Endpoint Security: Since cloud services can be accessed from various devices, it's vital to ensure that all endpoints are secure. This includes regular updates, antivirus software, and monitoring for suspicious activity.
✅Secure APIs: If your business uses APIs to connect with other services or tools in the cloud, ensure they are securely coded and regularly monitored.
✅Regular Security Audits: Periodically review and assess your cloud environment for vulnerabilities. This can be done internally or by hiring a third-party service.
✅Incident Response Plan: Even with all the precautions, breaches can happen. Have a clear incident response plan in place so you can act quickly and minimize damage.
✅Review Contracts and SLAs: When signing up with a cloud provider, thoroughly read through the Service Level Agreements (SLAs) and understand who's responsible for what in terms of security. Some aspects might be the cloud provider's responsibility, while others might fall on you.
✅Use of CASBs: Cloud Access Security Brokers (CASBs) act as gatekeepers between on-premises infrastructures and cloud providers. They can offer visibility, compliance, data security, and threat protection.
Cloud-based cybersecurity can afford multiple benefits, notably economies of scale to achieve more security at less cost, quick and easy deployment, automatic updates to always keep on the cusp of cutting edge security solutions, redundancy and backup to ensure data safety and business continuity and the accessibility to manage and monitor security from anywhere!
And so to help address the SMB cybersecurity challenge whilst also optimizing cloud computing benefits, AWS has released an eBook freely available 🗞️ here and offering insights into just how a cloud-based approach can address SMB cybersecurity challenges more efficiently and cost-effectively too. The guide also reflects how organizations not only need to address security, but they need to ensure they can adapt to support the increased productivity and scale that cloud-native development brings.
The guide 🗞️ covers Security Challenges and Opportunities for SMBs, Best Practices for a Cybersecurity Program Framework, Advantages of Cloud-Based Cybersecurity, Assessing the Right Time for a Cloud-Based Security Approach and How AWS Can Help Secure Your Business – with case studies of real-world implementation by SMBs. Additional examples can be explored within AWS’s Smart Business Hub including Greenko Group within the Energy Market and Sementes Jotabasso within Large Scale Agriculture.
I would also recommend checking out the AWS Connected Community On Demand Learning Resources, for example the latest episode in the ‘Secure my Business’ Series available now here. Hosted by Oren Waldman, Senior Solutions Architect at Amazon Web Services (AWS), alongside Phillip Knapp, Senior Solutions Engineer, this is a brilliant session of bite-sized learning (c. 10 minutes) covering the latest cyber-attack prevention advice alongside the AWS Shared Responsibility Model.
And there is more! Based on my personal experience using AWS features and as a judge and mentor across AWS startup and DEI events, here are some additional suggestions around AWS-specific cybersecurity best practices for SMBs!
🌟AWS Identity and Access Management (IAM): Use IAM to create and manage AWS users and permissions. Implement strong password policies for your IAM users. Use roles for applications and services that run on Amazon EC2 instances. Enable Multi-Factor Authentication (MFA) for your AWS root account & privileged IAM users.
🌟Amazon S3 Bucket Policies: Always ensure that your S3 buckets are not publicly accessible unless intentionally done. Use bucket policies to restrict access to only necessary entities and services.
🌟VPC Security: Use Virtual Private Cloud (VPC) to create a private network for your resources. Use security groups (stateful firewalls) and Network Access Control Lists (stateless firewalls) to control inbound and outbound traffic to resources.
🌟AWS CloudTrail: Enable CloudTrail in all regions to log API calls & give visibility to actions taken in your account.
🌟Amazon GuardDuty: Consider enabling GuardDuty, an AWS threat detection service that continuously monitors for malicious or unauthorized behaviour.
🌟AWS Config: Use AWS Config to monitor and assess configurations of your AWS resources. It helps ensure compliance with internal policies and regulatory standards.
🌟Regularly Rotate Access Keys: Regularly rotate and remove unused IAM access keys. Avoid using root account keys; instead, use IAM user access keys.
🌟Encrypt Data: Use AWS Key Management Service (KMS) or other encryption services to encrypt data at rest and in transit.
🌟Backup Regularly: Use services like AWS Backup to automate backups of EBS volumes, RDS databases, DynamoDB tables, and more.
🌟Patch Management: Regularly patch and update your EC2 instances. Consider using AWS Systems Manager Patch Manager for automating the patching process.
🌟Endpoint Security: Protect your EC2 instances with antimalware and intrusion prevention solutions. AWS offers Amazon Inspector, a service that assesses applications for vulnerabilities.
🌟AWS Organizations: If you have multiple AWS accounts, use AWS Organizations to centrally manage policies and ensure compliance.
🌟Incident Response: Be prepared with a plan for potential security incidents. AWS provides documentation and tools to help formulate incident response strategies.
🌟AWS Well-Architected Framework: Follow the security pillar of the AWS Well-Architected Framework for best practices on designing and operating reliable, secure, efficient, and cost-effective systems in the cloud.
As cyber threats become more sophisticated and pervasive, it's crucial for SMBs to stay informed and proactive in their security approaches! A cloud-based solution, especially with a robust platform like AWS, can provide the scalability, efficiency, and advanced protection that these vital businesses need to thrive in today’s rapidly evolving landscape – and this all aligned to a transparent shared responsibility model.
By understanding the unique challenges SMBs face and utilizing the best practices, solutions and free resources available, you can ensure that your business remains resilient and secure in our ever-changing world, supported by the trusted partnership that allows you to retain focus on your business! Absolutely critical developments here to deliver the vision of cybersecurity protection that enables ‘Security at any Size’ – from Enterprise to SMB alike!
A highly experienced chief technology officer, professor in advanced technologies, and a global strategic advisor on digital transformation, Sally Eaves specialises in the application of emergent technologies, notably AI, 5G, cloud, security, and IoT disciplines, for business and IT transformation, alongside social impact at scale, especially from sustainability and DEI perspectives.
An international keynote speaker and author, Sally was an inaugural recipient of the Frontier Technology and Social Impact award, presented at the United Nations, and has been described as the "torchbearer for ethical tech", founding Aspirational Futures to enhance inclusion, diversity, and belonging in the technology space and beyond. Sally is also the chair for the Global Cyber Trust at GFCYBER.
Dr. Sally Eaves is a highly experienced Chief Technology Officer, Professor in Advanced Technologies and a Global Strategic Advisor on Digital Transformation specialising in the application of emergent technologies, notably AI, FinTech, Blockchain & 5G disciplines, for business transformation and social impact at scale. An international Keynote Speaker and Author, Sally was an inaugural recipient of the Frontier Technology and Social Impact award, presented at the United Nations in 2018 and has been described as the ‘torchbearer for ethical tech’ founding Aspirational Futures to enhance inclusion, diversity and belonging in the technology space and beyond.