SMEs have little wiggle room regarding cybersecurity. Smaller budgets and fewer dedicated security resources mean that cyberattack attempts are more likely to penetrate an SME's defenses than those of a larger company.
Forty-three percent of all cyberattacks are aimed directly at small to medium businesses, and only 14% of SMEs are ready to defend against those attacks, according to a study by Accenture. Aside from being extremely inconvenient, these data breaches also get expensive. The cost of data breaches to small businesses rose by 26.8% in 2021, from $2.35 million to $2.98 million, according to IBM's 2021 Cost of a Data Breach Report.
Small businesses were also three times more likely to become victims of attacks in 2021 than larger companies.
It isn't always easy to make the case for cybersecurity in a small business, especially to the executives or the board. Building strong cyber resilience has traditionally been prohibitively expensive.
Fortunately, there are industry best practices that can be followed so that SMEs can get the "most bang for their buck" and secure themselves against attacks. These best practices result in hardening the typical weak spots that cybercriminals like to exploit.
Here are our top tips on how to improve your SME's cyber threat resilience, even on a tight budget.
Build up from a solid foundation
Cyber security resilience begins with a solid foundation. Even small companies can stand on firm ground if they ensure that these security elements are in place.
One study revealed that SMEs take an average of 212 days before they even detect that they have been attacked, and a further 75 days to get that threat under control. That's more than three-quarters of a year for the total threat to be detected and handled. The amount of potential damage during such a lengthy period is immense. It's no wonder that 60% of SMEs are unable to survive six months after an attack.
Cybersecurity needs to be proactive. Once threats are detected, an SME should have a swift response strategy in place. And the more a certain technology can help overcome specific threats, the more that technology should be considered a priority within the company.
Here is our list of must-have cybersecurity foundational tools to improve an SME's cyber resilience.
1. Email protection (spam/phishing/fraud)
Ninety-six percent of all social engineering attacks are launched through email. Cybercriminals use many different types of email attack methods in their attempts to gain access to your network or cripple your business channels. A majority of email attack campaigns are sent for the purposes of financial gain. Yet some of those email attacks don't contain any malware at all. They simply trick users into transferring funds to a fraudulent account.
Proper email security is a core requirement for cyber resilience.
2. Endpoint Protection (EPP)
As the name suggests, EPP is focused on prevention, leveraging different techniques from machine learning to sandboxing to identify malicious behavior. A good EPP solution can minimize the amount of work for your security staff as well as the need for additional response. EPP is the base product and EDR is the add-on, but they can be separate products as well.
3. Endpoint Detection and Response (EDR)
EDRs are systems that can help detect, alert on, and automatically respond to a wide variety of threats that are aimed at endpoints such as mobile phones, tablets, and laptops and that are missed by the EPP solution. A properly configured EDR can detect even sophisticated attack patterns. More importantly, it enables quick response actions to minimize the damage. This includes taking an endpoint offline or preventing a file from running.
Protecting endpoints is crucial for building cyber resilience because 70% of all successful cyberattacks begin at an endpoint.
4. Privileged account abuse detection
Attackers often seek login credentials. Once they obtain these, they can escalate their privileges and deepen their attack. Often, they will seek login credentials of C-suite employees or tech employees, as these often have higher account privileges. In the case of SMEs, however, sometimes all employees are given high privileges for convenience. While such a policy might reduce the effort of doing business, it is just inviting an attack.
SMEs should look to do two things: (1) minimize the number of admin accounts in use and (2) monitor user behaviors. The former greatly reduces your attack surface, since the assailants will need to further escalate privileges to access more systems. The latter is becoming increasingly important as cybercriminals can use legitimate logins, completely bypassing your other security controls like EDR or email protection.
5. Coverage and good tech
Finally, you must have good coverage and ensure that the above foundational tools are deployed everywhere, leaving no chinks in your company's armor that can be exploited.
Having good defensive technology in place can also help you get more affordable cyber insurance and do it more quickly.
Look beyond tech as part of risk management
Data breaches are costly. In 2021 the global average cost of a data breach across organizations of all sizes hit an all-time high at $4.24 million, according to IBM's Cost of a Data Breach Report.
The same report also found that there was an 80% cost reduction for companies that had some sort of AI and automated security solutions in place.
The cost of a cyberattack rarely comes from the breach itself; rather, it comes from the associated costs: investigation, remediation, recovery, restitution of victims, and so on. Even if your company has the right cybersecurity tech in place, an attack is always possible as cybercriminals are becoming more sophisticated by the day.
As part of a sound risk management strategy, companies should make strategic investments that help offset and minimize the associated financial risk. The two main investments in this area are cyber insurance and incident response (IR).
Cyber insurance can help mitigate the costs associated with a security breach, including:
- Consulting and legal costs
- Victim restitution
- Recovery technology
- And, in some cases, ransomware and extortion fees
Cyber insurance transfers financial risk from the SME to the insurer and is, therefore, better for the company's overall financial health.
A report by IBM showed that 51% of organizations with cyber insurance used it to cover legal and consulting costs associated with the data breach. Another 36% of insured companies used it for covering restitution to victims.
Incident Response (IR)
Despite best efforts, there is always the possibility of a breach. Once a breach has occurred, it is vital to investigate, remediate, and recover as fast as possible.
The way to achieve this is to invest in an incident response (IR) retainer. The predefined rates and SLA for response ensure there’s no panic during an actual breach. Furthermore, many packages include proactive services such as helping your business build a solid incident response (IR) plan and performing tabletop exercises to make sure you’re well prepared.
Modern Managed Security Service Providers (MSSPs) are a budget-friendly solution
Even the foundational elements of cybersecurity can come at a high price tag when added together. And then there's the investment of time to both implement and maintain all the required tools.
SMEs don't have the “attention budget” to talk to the board, exec team, or stakeholders about every new process or technology. Also, without the time and resources required, SME IT leaders will find it difficult to evaluate vendors, pilot products, and generally onboard new tech.
These are precisely the problems solved by MSSPs, organizations dedicated solely to providing security solutions to businesses and managing those solutions effectively.
Because MSSPs are dedicated entirely to providing security services, they can also benefit from the economies of scale and offer the full package of cybersecurity tools at a fraction of the cost. In this way, even SMEs can build a security posture that is on par with those of larger companies.
Without an MSSP, it is nearly impossible for SMEs with limited budgets to afford excellent cybersecurity talent. But with a good MSSP, 24/7 support by highly skilled cybersecurity experts becomes available.
Other benefits of an MSSP include:
- Sourcing the correct tech stack. There are many options for the various foundational services but not all are suited to every company. It depends on several factors, including the all-important budget. The MSSP would figure all of this out.
- Working with a single vendor means the SME only has to make one decision on a single budget item. This results in more cost-effective cybersecurity and faster time-to-value.
- Requiring only one conversation with executives, stakeholders, and the board saves their valuable time because the MSSP is the umbrella that covers all necessary cyber resilience tools and services.
- Budgeting and forecasting remain simple as the SME grows, especially if the MSSP is leveraging a simple pricing model.
- Helping you source a great cyber insurance policy and bundle in IR as part of a retainer.
SolCyber is an MSSP specializing in increasing cyber resilience for SMEs. We offer both Foundational Coverage and Extended Coverage to close any gaps in an SME's security posture. And SolCyber's Insurance+ Program lets SMEs be fast-tracked through their cyber insurance applications, with access to potential savings of up to 30% on premiums.