SMEs need to focus on operational cybersecurity

Some organizations prefer to start their cybersecurity strategy by writing their governance framework (security policy, cybersecurity processes, etc.). Once the documentation is ready, they implement the required cybersecurity technologies.

Others prefer the operational approach: implement security technologies directly and possibly write a security governance framework later.

Both approaches are recognized as valid and their adoption will depend on several factors, including the size of the organization, its contractual obligations, the organization's culture, etc.

In an SME context, the operational approach is the most effective as it not only provides the best results, but also offers the best value for money.

Here are our recommendations for SMEs:

Recommendation 1: Focus on the operational defense of your IT assets

Your network is like a castle coveted by invaders. You must defend it at all costs.

Solution: You need to start your cybersecurity strategy by putting in place tools that can protect your IT infrastructure from internal and external attacks.

  • An antivirus or EDR on every computer
  • Intrusion detection system (IDS/IPS/NDR) to protect your network perimeter
  • Robust access control
  • etc.

Recommendation 2: 24/7 monitoring of your network security

Once your network is protected, you need to stay on top of all malicious activity targeting you, so that you can quickly isolate and address the events that may become a problem.

Solution: Hackers don't take weekends or vacations and attack you 24/7. You need to monitor your network security 24/7 if you don't want any unpleasant surprises. Monitoring should include security events generated by all your tools (antivirus, EDR, IDS/IPS/NDR) as well as your email solution (O365, etc.).

Recommendation 3: Have 360-degree visibility of your network and eliminate all blind spots

You need to ensure that you have 360-degree visibility into all computers, servers and applications in your IT infrastructure (internal network and cloud). This way, you will be able to identify any attacks that are targeting you. Computers that are not monitored become your blind spots, and you will never know whether they are being attacked.

Solution: The best way to have 360-degree visibility of your IT infrastructure is to deploy technology that automatically discovers the computers in your estate. IDS/IPS/NDR make this possible.

Security tools such as SIEMs do not offer this capability.

Recommendation 4: Write only strictly necessary paperwork

While some organizations write cybersecurity papers (policies, processes), hackers write attack programs (viruses, ransomware, shellcodes, etc.). So don't get caught up in the game of writing cybersecurity papers, because it ends up being a distraction. Many organizations spend 6 months to a year writing their cybersecurity papers without implementing any technology tools, which puts them at high risk of being hacked. Don't fall into this category of organizations.

Solution: Write only the necessary cybersecurity papers. Here are the top 3 security papers you should always have:

  • The security incident response plan
  • The access control policy
  • The business continuity and disaster recovery plan

Then write the other papers as needed.

Find out how our CDS and MDR service can keep your network safe

We're confident that after seeing the results of our remote MDR security monitoring, you won't want to leave your network unprotected. We're offering a free 30-day evaluation that includes:

  • An information session
  • Configuration of the CDS in your network
  • Free 30-day evaluation and proof of value

Talk to one of our experts or call us at +1 877 208-9040.
