29 percent of small to medium-sized businesses (SMBs) spend less than $1,000 for their IT security each year. This comes as a worrying statistic considering the rampant cybersecurity threats that all businesses face these days.
Falling victim to a cyberattack can have serious consequences especially for SMBs. Security breach costs are rising. The recent IBM study showed that the cost of data breaches has risen by 12 percent over the past 5 years.
A breach to an organization with less than 500 employees results in an average of $2.5 million in losses. Such costs can easily drive an SMB towards bankruptcy.
Fortunately, solutions providers are now leveraging cloud computing and software-as-a-service (SaaS) deployment models to make their tools available and more accessible to SMBs. File-based attack protection solution odix, for instance, was recently awarded a 2 million euro grant by the European Commission (EC) to allow SMBs to better access its malware disarm technology.
“Cybersecurity threats have come a long way from the viruses of decades ago. What’s alarming is that hackers now have a multitude of tools, methods, and technologies to help them carry out attacks.”
“They have access to source codes of various malware. Remote access tools can also be readily bought online. SMBs, with their meager security, are now highly vulnerable to these threats.” shares odix CEO Dr. Oren Eytan.
SMBs are Exposed
Large organizations now typically use a host of enterprise-grade solutions that protect the various components of their IT infrastructure. However, having such security requires serious spending not only on the solutions but also on human resources and training.
Almost every business now supports some form of IT use. Consumers are shifting their buying behavior to prefer digitally enabled channels. As such, SMBs are also adopting digital solutions. This means that they now store and process customer and financial information in their systems. As such, SMBs have now become the prime targets of attacks.
But with poor protection due to minimal security investments, hackers can easily breach these systems. The data that they steal can readily be sold on the dark web. Given the ease by which these breaches can be done, attacks on SMBs are often a highly profitable activity for these malicious actors.
Cheap and Free Solutions Not Enough
It is understandable why SMBs choose to spend meager amounts on cybersecurity. Most entrepreneurs are typically more concerned about activities that grow their businesses such as investing more in their supply chain or their sales and marketing activities.
To comply with calls for them to secure their office IT, most resort to using free endpoint security applications such as antiviruses and personal firewalls. Some may not even bother looking for third-party solutions since Windows has these tools available by default with the operating system.
Unfortunately, the threats businesses face have already evolved. Exclusively relying on these tools isn’t enough to cover their bases. The malware used for file-based attacks, for instance, are now polymorphic. These malware automatically may change their file types and signatures to evade signature-based detection used by ordinary antiviruses.
Attackers are also using more complex scripts and algorithms to personalize phishing emails. This cleverly disguises the email and attachments in order to convince users to click on malicious links or run payloads. Conventional email scanners may be fooled by these sophisticated methods.
Powerful Tools to the Rescue
The good news for SMBs is that solutions providers are now making real moves to address their needs. Enterprise-grade tools that were previously only available to large companies are now being directed to the SMB market. The rise of SaaS and managed security service providers should help ease the burden of needing to add costly infrastructure, appliances, and additional human resources.
odix’s malware disarm solution is capable of deeply scanning work documents, files, and email attachments to identify cleverly disguised and polymorphic malware. It can also sanitize files to make sure that work documents continue to be usable after cleanup. Conventional approaches against malware such as relying on antiviruses’ real-time scanning or manually checking files in sandboxes often fail to detect complex malware.
odix’s ecosystem also features other security solutions such as a mail proxy that sanitizes all attachments before they enter a person’s inbox and a kiosk or a dedicated workstation that can be used to sanitize files on removable media.
“We are very excited to be able to offer our solutions to SMBs. We believe that cybersecurity is a shared responsibility. The fact that SMBs are often left out because of a lack of access to powerful tools just emboldens malicious actors to persist. The EC grant comes as a welcome development as it will allow us to fund the effort to make our enterprise solutions more accessible to SMBs,” Dr. Eytan said.
What’s Really Needed
What is ultimately important is for SMBs to face the reality of operating in today’s tech-driven business landscape. Cybersecurity is part of doing business. As such, they must put in place a comprehensive security plan as part of their business strategy. Part of this is earmarking a reasonable budget to invest in security solutions. The move by solutions providers like odix to expand their offerings to accommodate SMBs should encourage SMBs to commit more on cybersecurity. Such solutions are just what they need to improve their protection and security.