Thursday, January 30, 2025

Small and medium businesses (SMBs) are targets of cyberattacks, and their strategies for coping with these threats differ considerably from those of enterprises. This article lists a few of them.

SMBs also hold valuable sensitive data such as employee and customer records, financial transaction information, and intellectual property, along with access to business finances and larger networks critical to their success. Cybercriminals recognize both the vulnerability and the value of SMBs. Common attacks on SMBs include malware developed to manipulate or compromise target systems; malware-free attacks that leave no artifacts and move laterally to compromise target systems; vulnerabilities in systems and applications that can be exploited to gain unauthorized access to computer systems; phishing and email-based scams that impersonate credible people and organizations to steal credentials; compromised credentials in the form of stolen identity and account data; insider threats, where employees become accomplices; and zero-days, where new and unprecedented exploits are leveraged to mount planned and targeted attacks.

Traditional methods such as signature-based virus and malware detection are no longer sufficient. In addition, penetration into SMB assets can be leveraged for lateral movement and data exfiltration, which significantly increases the loss. Data theft, ransomware, extortion and hacktivism are only some of the examples.

Strategies to counter these attacks include:

1. Understand the reality of cyberattacks: There are hundreds of adversary groups that launch cyberattacks. Sensitive data is always a prime target regardless of which business owns it. Antivirus and firewalls are not sufficient. Sometimes breaches go undetected for hundreds of days. Costs for continuity and recovery can be so high that SMBs may not recover.

2. Implement basic cybersecurity hygiene practices: These include setting strong password policies, enforcing multi-factor authentication, performing regular backups of critical data, keeping current with security patches and updates, locking down cloud environments, implementing and testing threat detection and response, and securing your network.

3. Employee upskilling, education and training, and regular assessments: Inform employees of improvements to authentication channels and continuously test their responsiveness by asking them to identify fraudulent messages.

4. Overcoming limited resources and expertise: When expert resources seem out of reach, automation and dedicated teams can set policies and monitor, respond to and stop attacks.

A managed detection and response service or solution may also be the best fit for your business.

