Morphisec Cybersecurity Blog

SMB Cybersecurity is Failing. Want to Succeed?

Written by Bill Reed | April 27, 2022 at 1:30 PM

For small and medium businesses (SMBs), digital transformation has been a double edged sword. Cloud technologies and IoT devices have boosted productivity during a punishing pandemic where every dollar counts. But these advances have come at a cost. Right now, SMB cybersecurity is failing to deal with a tsunami of cyberthreats. 

According to IBM, 52 percent of SMBs have likely experienced a cyber attack in the last year. For many, the next breach may also be their last. Cybercrime Magazine reports the financial pressure and reputational damage of a data breach results in around 60 percent of hacked small organizations going bust within six months. 

SMBs have a lot at stake when it comes to cyberthreats. They lack larger enterprises’ capacity to absorb ransom payments and reconstruction costs, and the ability to shrug off bad PR. This means for most small and medium-sized organizations, a reactive security strategy kicks in too late to really help. So SMBs need a security posture that stops attacks before they happen. Tools like next generation antivirus (NGAV), endpoint detection and response (EDR), and extended detection and response (XDR) can stop and remediate already known threats. However, they don’t prevent zero-day exploits and in-memory attacks—but Morphisec’s Moving Target Defense (MTD) does. 

 

SMBs Face an Extreme Threat Level

For every headline-grabbing enterprise cyberattack, there are thousands of unheralded SMB breaches. And while SMBs may previously have been low on cybercrime hit lists, they are fast becoming a main focus. This development is highlighted by an alert the Cybersecurity and Infrastructure Security Agency (CISA) released in February this year. According to CISA, threat actors decisively moved their focus from ‘big game’ targets in 2021 and towards SMBs. 

From a business point of view, this shift in cybercriminals' targets makes sense. Hacking a major enterprise or piece of critical infrastructure like Colonial Pipeline can be incredibly lucrative. But a much faster and easier route to payday is to hack a less well-defended SMB. The typical ransom demand is now over $2 million. So low-effort attacks that result in an ‘average’ payout can be an easier path for cybercriminals seeking high ROI. 

As SMBs become more attractive targets, they are also more vulnerable than ever. While COVID-19 expanded attack surfaces overnight, shrinking them is proving slow. A recent survey by Cisco noted only 39 percent of SMB security professionals say they’re successfully managing their top risks. SMB security teams are also more likely to be understaffed and overworked than their enterprise counterparts. Too often, lean IT teams are burdened with security as an extra responsibility rather than a core focus. 

 

SMB Cybersecurity is Difficult

Traditionally, SMB cybersecurity suffers from three weak points: budget constraints, lack of IT staff, and time constraints. These limitations are unlikely to improve. Overall security spending is increasing, but it still dramatically lags the threat level. In 2021, cybercrime is estimated to have done $6 trillion of damage. Businesses spent around $150 billion on security to counter this damage. 

SMB security spending is also highly exposed to economic tradewinds. If the business environment sours, it’s hard for SMB leaders to maintain or double down on security spending. Even if they could, the cybersecurity skills gap keeps growing wider. And it’s harder than ever for SMBs to find knowledgeable individuals, regardless of pay. At the moment, there are almost 600,000 unfilled security jobs in America.  

Meanwhile, SMBs will always suffer from time constraints when deploying solutions or implementing proactive security measures. Few small or medium-sized organizations can tolerate the downtime that hardening endpoints and implementing proactive security measures requires. Unfortunately, the average cost of a data breach for an organization with <500 employees now sits at $2.98 million. So focusing on remediation can be a fateful business decision.

 

Traditional Security Solutions Are Failing SMBs

To stop threats instead of just reacting to them, SMBs must respond to threat innovation. This means putting in place solutions that handle next-generation threats.  

In a traditional, static network environment, victims’ network assets are a predictable target for threat actors. Criminals can take their time to find and exploit weaknesses like unpatched applications as access pathways for malware. Conventional security solutions focus on scanning these environments, looking for the tell-tale signatures threats leave in their wake. But signature-based detection doesn't work against malware with an in-memory signature, or against zero-day attacks with an unrecognizable signature. This means popular attack methods such as Cobalt Strike backdoors can be successfully deployed against SMBs with antivirus (AV) or endpoint protection and prevention (EPP) solutions.

 

Putting Prevention First With Moving Target Defense

Against a soaring threat environment, SMBs need a solution stack that flips the script. Enter Morphisec’s Moving Target Defense (MTD) technology. By morphing device memory, MTD creates an unpredictable environment which makes it impossible for threats to breach applications in the first place. MTD also provides virtual patching for vulnerabilities and gives SMBs the time to execute proactive cybersecurity strategies. 

Morphisec’s MTD solutions provide SMBs with powerful, cost-effective protection against advanced threats. In fact, Gartner called Moving Target Defense one of the most impactful emerging technologies in the security market today. 

Lightweight and needing no human intervention, Morphisec offers highly effective zero-trust security for endpoints and enables continuous runtime protection for cloud and on-premise services, providing protection without false positive alerts. Morphisec’s MTD augments other endpoint security solutions and integrates seamlessly with Microsoft Defender for Endpoint. It provides an affordable and elegant solution that prevents the advanced attacks other solutions don’t. To find out more, schedule a demo today.