In a recent article entitled “SMB Security: Don’t Leave the Smaller Companies Behind” DarkReading’s Joshua Goldfarb discusses the issues smaller companies face when trying to maintain their cybersecurity.
First, Goldfarb provides context, explaining that the cost of maintaining a secure and effective cybersecurity team can be quite high; and for small and mid-sized organizations, the costs may be overwhelming. In such an organization, the cybersecurity team may only be, at best, one or two individuals. This means that doing an assessment of the organization’s cybersecurity posture and developing a strategic plan may exhaust an entire year’s budget. This assessment and planning does not include the other costs of cybersecurity such as the budget to acquire, set up, and operate technologies that are meant to help mitigate an organization’s cybersecurity risk. The result of this gap between larger and small to mid-sized organizations means that smaller organizations tend to get left behind.
The article offers three ways that small and mid-sized businesses (SMBs) in conjunction with the security community can start to close the security gap.
- First, it is important to allow SMBs into the cybersecurity circles that may have been closed to them previously. This may mean more sharing of information between SMBs and larger organizations so that small and mid-sized businesses can benefit from the cybersecurity strategies, processes and products that larger organizations are using.
- It would also be beneficial for SMBs to work collaboratively with each other, and potentially larger organizations. This would help give all the collaborators a deeper understanding of the cyber threat environment they face as well as methods to mitigate those risks that have been successful and those that haven’t. Through information sharing, organizations can focus their efforts on what has been most effective in mitigating cyber threats, which is ultimately more cost effective.
- Finally, it is important to make sure that cybersecurity vendors understand the unique challenges and situations of SMBs to better address them. Rather than trying to rework a product designed for a large business, vendors should truly adjust their offerings for SMBs.
Read the article here.