Skip to the main content.

3 min read

Betting on Layered Security

The Cybersecurity Deck is Stacked Against SMBs

Many small- to medium-sized businesses (SMB) continue to operate under hope that they are too limited in scale to attract the attention of cybercriminals. Unfortunately, the numbers do not support such optimism and these vulnerable enterprises are playing a dangerous game with the odds stacked against them.

The Ponemon Institute’s 2017 State of Cybersecurity in Small & Medium-Sized Businesses report reveals that 61 percent of SMBs suffered a cyber-attack in 2017 and 54 percent experienced a data breach. The cost of these attacks can range from thousands well into the millions of dollars. Of SMBs hit with ransomware attacks, 60 percent shut down within six months of a breach, according to the U.S. National Cyber Security Alliance.

Cybersecurity threats are constantly evolving, and no single-shot panacea exists to deliver comprehensive protection. Just as health gurus recommend taking a holistic approach to guarding the body from illness, security experts are championing the idea “defense in depth” to shield their clients’ network infrastructure and data from hostile entities. Integrated solutions for enterprises large and small bring together hardware, software, cloud resources and best practices to provide multi-layered protection from present and future threats.

Policies and Security Awareness Training

No discussion of layered defense can ignore the human factor in cybersecurity. The inadvertent actions of employees can quickly render any multidimensional software/hardware security solution useless, illustrated by the 24 percent of cyber security incidents in 2017 credited to human error. Without the proper security policies backed up by training in cybersecurity best practices, your staff becomes the weak link in any cybersecurity strategy. Employees must be educated about the latest threats, particularly with regard to social engineering attacks like spear phishing and reverse social engineering. In addition to mitigating human factors among your own employees, it also pays to encourage outside vendors with access to your system to employ strong cybersecurity policies.

VPN and Firewall

The “bring your own device” (BYOD) trend has opened the door or an array of new threats by allowing employees to use personal devices at work. To minimize these risks, a virtual private network (VPN) can provide an early line defense in an enterprise’s layered security solution. VPN operates as private passageway that encrypts, authenticates, and securely transfers communications between individual users and a company. The addition of a firewall brings to bear added security measures that can include packet filtering, anti-virus, anti-spam, anti-phishing, content filtering, and intrusion blocking for a robust defense against cyberattack.

Treat Your Data Right

Data classification and backup play a key role in any layered approach to cyber security. Not all data is equal in the eyes of cybercriminals, and different classes will require their own security policies and approaches.  Data classification is a process that identifies the different levels of sensitivity your data has and defines the types of solutions employed to protect it. This includes the manner in which data is backed-up and the steps taken to secure backed-up data. Once classified, a company can prioritize user access.

Advanced Threat Protection and WAF

Along with busily countering human assailants, enterprises often face an array of automated attackers in the form of advanced persistent threats (APT). APTs are difficult-to-detect, continuous hacking processes that frequently target companies, chipping at their defenses in search of vulnerabilities to exploit. Advanced thread protection can stop APTs in their tracks by employing tools that sandbox threats by simulating hardware, exposing those malicious programs that may slip past other security measures. Web application firewalls (WAF) offer another layer of control by protecting web applications from such threats as zero-day exploits, impersonation and known vulnerabilities and attackers. WAFs utilize customized inspections to prevent cross-site scripting (XSS) attacks, SQL injection attacks, session hijacking and buffer overflows, which traditional network firewalls and other intrusion detection systems may miss, but are critical to companies providing products or services over the Internet.

Digging Deeper — Threat Analytics, Microsegmentation, SIEM, IDS and IPS

There is no avoiding the fact that layered cybersecurity often complicates SMB solutions — the defense in depth approach demands thorough management to provide effective protection. Thankfully, a cloud-based threat analytics system can deliver comprehensive feedback from each security layer, providing automated scanning of network assets, analysis of traffic and data to reveal potential threats, and centralized controls.

Another deeper approach to cybersecurity examines threats on the granular level. Microsegmentation isolates secure zones in data centers and cloud deployments, segregating workloads from each other and securing them separately. Security information and event management (SIEM) allows enterprises to gather relevant data from multiple sources, identify deviations from the norm and take appropriate action. Similarly, intrusion detection systems (IDS) and Intrusion Prevention Systems (IPS) — often simplified and intrusion detections and prevention (IDP) — scan networks to identify and isolate abnormal activity.

While the perceived complexity of deploying a multi-tiered cybersecurity solution might intimidate some small enterprises, it should not. Many security providers and IT companies specialize in creating centralized, easy to manage layered security packages for SMBs. When considering the alternative, gambling with one’s future in the face of overwhelming cyber threats is a bet no business should take.

To learn how you can add an extra layer of security and prevent cyberattacks on your proprietary business data, check with Valeo Networks for a FREE Network Assessment (a $250 Value), which includes a Data Security Analysis. Contact Valeo Networks at 800-584-6844 or via sales@saalexIT.com.

Do You Have Cybersecurity Operations in Place to Prevent an Attack?

Do You Have Cybersecurity Operations in Place to Prevent an Attack?

With cybersecurity attacks on the rise and the complexity of these attacks becoming more and more advanced, it is crucial for you business to have a...

Read More
How Is the Internet of Things (IoT) Being Impacted by Malware?

How Is the Internet of Things (IoT) Being Impacted by Malware?

If you have any Internet of Things (IoT) compatible devices, then you are susceptible to malware attacks. Learn more about how malware is impacting...

Read More
Bolstering Your Security Operations Center to Reduce Risk of an Attack

Bolstering Your Security Operations Center to Reduce Risk of an Attack

Many companies still don’t consider cybersecurity attacks a major threat. With the number of attacks on the rise and the complexity of these attacks,...

Read More