Centre de recherche > Qu’est-ce qui rend la cybersécurité des petites entreprises différente?
Article
5 min

Qu’est-ce qui rend la cybersécurité des petites entreprises différente?

What makes small business cybersecurity different? Are small businesses less likely to be hacked than large enterprises? In this blog post we answer these questions and more.

Qu’est-ce qui rend la cybersécurité des petites entreprises différente?

Are small businesses less likely to be hacked than large enterprises? Does the type of attack differ for these organizations compared to their larger counterparts? In the latest episode of our six-part podcast series, Get IT: Cybersecurity insights for the foreseeable future, you'll get the answers to these questions plus more insights on how the threat landscape small businesses operate within requires a different way of thinking.

In Episode three, Theo van Wyk, head of cybersecurity at CDW, and Sean Earhard, advanced threat solutions specialist at Cisco Systems Canada, discuss the differences and similarities between small business and large enterprise cybersecurity threats and strategies. Here are some topics they tackle in episode three:

Everyone is at risk

It may be surprising to some, but small businesses are just aslikely to be targeted by attackers as large enterprises. It's not necessarilythe organization size that is targeted, but rather the software; no matter anorganization's size, user error results in network vulnerabilities that badactors can exploit and, to a great extent, most organizations use commonsoftware systems.

Small business' cybersecurity advantage

There are pros and cons in mitigating and remedying cyberincidents for both large and small businesses, but the latter has certain security advantages due to the way they're targeted.

Looking first to the enterprise level, many largeorganizations are more susceptible to targeted, tailored and under-the-radarattacks where the prizes are highly valuable data and assets. One example ofthis is Maze ransomware, where the bad actor picks an environment compiled on aper-target basis and relentlessly attacks, oftentimes selling the infiltrationability to the highest bidder.

In addition, large organizations typically aren't as agileas their smaller counterparts and can have complex processes and proceduresthat can fragment response protocols. On the other hand, these organizations dohave ample resources which can allow for a multitude of experts and tools toprotect infrastructure.

Turning to smaller organizations, opportunistic attacks are the likeliest threat. Attackers typically write ransomware or blast out an email attack, occasionally targeting an entire series of platforms in the hopes of finding a security gap. The advantage for small businesses lies in their size and attack surface area, both of which are much smaller. Fewer devices that are more concentrated, with simpler underlying infrastructure and dynamic processes, makes a network easier to secure before and in the event of a cyberincident.

The primary drawback for cybersecurity preparedness andresponse at small businesses is resource constraints and access to the type of toolsets.While a small business' dynamic processes may be a cybersecurity boon, an ITprofessional who wears too many hats could miss important signs of an impendingor active breach.

Breach response

While no two cybersecurity incidents are the same, thefundamental elements in responding to a breach are similar for small and largerbusinesses.

Looking at organizations that experience ransomware attacks,the crucial first step is containment. The next steps, usually executed inparallel, are beginning the remediation process and examining the affectedsystem to find the root cause. Merely restoring the breached sections of anetwork, environment, system or assets to a trusted state does not reveal howthe attackers infiltrated it in the first place; as such, it's critical todetermine the entry point, attack method and most effective patch. If thisisn't possible, the chances of reinfection from the same ransomware program areextremely high.

When personal identifiable information or customer data are impacted, there are potentially a number of federal, provincial and international government regulations that companies have to consider regardless their size. For small businesses that may have a generalist IT staff, the twin challenges of finding the root cause and identifying the exact threat, all the while ensuring regulatory compliance, can be prohibitive. A high degree of sophistication and specification is required when it comes to threat hunting, incident response and cyberforensic analysis resources that many small businesses may not readily have at their disposal.

The impact of cloud-based remote work

There is a very clear divide between where organizationsoriginated and how the pivot to remote work has impacted cybersecurity including small business networks. For those organizations that already hadflexible working policies and were utilizing cloud, the impact has been muchless drastic than one might expect. Office-centric organizations, however,likely still have a plethora of data locally on a server.

Office centrism typically means that there were a limited numberof remote access toolsets ready to deploy at the onset of the pandemic andnew tools can come with steep learning curves. The rapid push to remote workand proliferation of IoT corporate, BYOD devices and vulnerable home Wi-Finetworks has strained cybersecurity and cloud security not optimized for remoteaccess.

At CDW, we've seen a strong surge in the number of smallbusinesses who have transitioned to the cloud. While it does make organizationsmore efficient and maintains businesses continuity amid the ongoing pandemic,it's important to remember that transition to the cloud combined with anincreased attack surface area increases avenues for attackers. When adoptingcloud services, it's critical to keep cybersecurity in mind.

Discussion instead of fearmongering

Small business employees are equally as likely to facesecurity breaches as employees of larger companies. It's important for everyorganization no matter the size to dedicate part of the onboarding processto breaches and cybersecurity risks. When employees have a sense of where theysit in the chain and what could potentially happen, it promotes understanding,ownership and organizational responsibility. Fearmongering has a detrimentaleffect and can minimize employees' emotional response and willingness to learnor participate.

Cybersecurity next steps for small businesses

It's important to understand the context of what cybersecuritymeans to a small business. There is a variety of frameworks and toolsets, but thefirst thing to do is take a step back. Knowing the answers to questionslike what is critical to protect?, do you know where that data is? and howdo your employees work with this incredibly vital information? should be thestarting point. Once you can answer these questions and truly understand whatyour organization is doing with data, then you can apply appropriate securitycontrols. Otherwise, it's easy to get overwhelmed and potentially lose your wayin a security maze.

It's also important to consider the time you can dedicate.Small business owners are unlikely to have the hours required to dedicate tocybersecurity, and there is a huge opportunity for you to chain different,automated solutions together to free up employees' time for other tasks.

Don't shoehorn your business into a framework or a securitymodel. Instead, take the intent behind the model and ensure you embed it inyour organization.

For more insights on the cybersecurity risks for small businesses, listen to episode three now.