Retail

Cyber Security challenge: SMBs and large enterprises face common threat but separate response routes


Cybersecurity is a critical concern for businesses of all sizes, however, it poses distinct challenges for small and medium businesses (SMBs) due to their constraints of resources and access to expertise. The attack profiles are increasingly similar between SMBs and large organisations.

According to data from the “Data Breach Investigation Report 2023” by Verizon, SMBs experience 699 incidents annually with 381 cases of confirmed data disclosure and large businesses face 496 incidents annually with 227 cases of confirmed data disclosure. System intrusion is the top common threat.

There are several safeguards’ companies can implement to protect themselves, says the report. It points to the controls offered by the Center for Internet Security (CIS) — a nonprofit that provides products and services to help organisations safeguard their system and data from cyber threats — as a “good starting point”.

The nonprofit has developed an interactive software, CIS critical security controls navigator, to assist organisations to analyse their cybersecurity status. It also helps organisations track their advancements in implementing CIS controls, which are guidelines generated by CIS to reduce cyber risk and enhance their defences. It offers a tailored approach by classifying the CIS controls into three implementation groups (IG1, IG2, and IG3) based on the organisation’s security maturity level and resources.

The classifications are:
IG1: Essential cyber hygiene for small businesses with limited resources, providing fundamental steps to defend against common cyber threats.

IG2: Advances protection for midsize businesses, addressing social engineering threats and incident response management.

IG3: Comprehensive defence for larger SMBs, incorporating application software security and penetration testing to enhance information security posture.

Readers Also Like:  Shoppers in Great Britain switch to frozen food amid cost of living crisis

Adhering to these controls, which builds on top of previous ones, enables SMBs to enhance their security posture and respond effectively to threats.

While the CIS controls provide a strong foundation, each organisation must customise its security measures based on its unique risk profile and tolerance. Regularly tracking security metrics and the ongoing improvements to the security posture are essential for staying ahead of cyber threats.

ETRise MSME Day 2022 Mega Conclave with Industry Leaders. Watch Now.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.