Excerpts
The Essential Guide to Cybersecurity for SMBs: Section 1 – Approaching Cybersecurity as a Critical Business Function
“I don’t have to worry about cybercriminals; I am a small company. Why would they care about me?” I can’t count the number of times I have heard a version of that statement. I have found that many SMBs don’t see themselves as targets. I gather that in the digital...
The Essential Guide to Cybersecurity for SMBs: Section 2 – Understanding Cyber Hygiene: It’s About the Basics
In the early morning hours, a security manager from a local SMB wakes up with her cell phone chirping. As she quickly looks at the offending device, she realizes it’s a text message from one of her organization's vendors who provides cybersecurity services. As she...
The Essential Guide to Cybersecurity for SMBs: Section 3 – Cyber Threat Intelligence (CTI): Providing Clarity to Cybersecurity Programs
Security managers and their security programs today often find themselves triaging a breach after the attack is over and analyzing digital artifacts as they try to piece together an event that happened in the past. Hopefully, the information they glean from the files,...
The Essential Guide to Cybersecurity for SMBs: Section 4 – What Does a Cyber-resilient Business Look Like?
Resiliency is not just for large organizations. SMBs should incorporate resiliency principles as a means of reducing risk. As a community, we continuously hear that all companies are experiencing a rise in the threats and attacks they face and that there are new...
The Essential Guide to Cybersecurity for SMBs: Section 5 – An MSP’s View on SMB Risk
In Chapter 18, I discussed the considerations SMBs and their security managers should consider when they select a managed service provider (MSP) or a managed security services provider (MSSP) for external technology and security services. However, there is also...
The Essential Guide to Cybersecurity for SMBs: Section 6 – Building Your Cybersecurity Strategic Plan
Technology changes at a rate most businesses can’t keep pace with, and this lag introduces considerable risk to a company’s business operations. To manage this risk, many security leaders must wade into an ever-changing, turbulent network landscape and seek to...
The second edition has been updated with new insights and updated references.
Small- and medium-sized companies are now considered by cybercriminals to be attractive targets of opportunity because of the perception that they have minimal security. Many small companies are doing business online using new technologies they may not fully understand. Small businesses supply many larger organizations, resulting in possible connections to corporate networks that bring unforeseen risks.
With these risks in mind, we present The Essential Guide to Cybersecurity for SMBs for security professionals tasked with protecting small businesses. Small businesses can reduce their risk and protect themselves by implementing some basic security practices and accepting cybersecurity as a strategic business initiative. The essays included in this book provide both security professionals and executives of small businesses with a blueprint of best practices that will help them protect themselves and their customers.