The risk of security breaches for mid-market businesses cannot be overstated. The last few years have shown that no business — no matter the size — is completely safe from external or internal threats. So, while some enterprises are trying their utmost to keep up with the latest security measures, there are several ways they can trip up.
These nine gaps are crucial for IT leaders to consider when mapping out security strategies so they don’t miss a beat.
Pride goes before a fall, and for many mid-market businesses, pride may be playing a stronger part in security planning than expected. A 2017 study found that 95% of mid-market businesses believed their security posture to be “above average,” and that they were spending enough to cover the gaps. Those who believe themselves safe are the most likely to not catch the problems that may emerge.
Time to Patch (TTP)
Sometimes vulnerabilities are known about, but getting the word out can be slow. Just because a software maker knows about a potential problem with software doesn’t mean a patch is immediately available, or even available in a timely fashion. While this can be at least partially addressed with patch discipline—making sure available patches are always applied quickly—the threat doesn’t stop because a new patch is being developed. Be ready to protect a system in the time between the threat being found and the cure being created.
Many businesses have made a good start of security, putting firewalls in place or the like. When such protective measures are in place, it’s easy to think that that’s “good enough” and carry on from there, addressing the other issues on a priority list. However, security is a constantly evolving matter, and the threats to security change every day. Firewalls and similar matters may be good enough to protect the threats of today, but what about tomorrow’s threats? Next year’s? A constantly-evolving security presence is the only way to ensure protection all the time.
An advanced persistent threat (APT) represents a major threat to business operations. Worse, it’s a threat that can’t always be prepared for. Businesses often focus on threat detection or prevention, but APTs represent a threat that has already breached the network. This means that other methods of protection are called for. While businesses often focus their security measures on perimeter defense (prevention of a breach or mitigation of a breach) adding some focus on data encryption can help ensure that — even if data is seized — it’s worthless without the related encryption key.
We’ve already seen what happens to a bottom line when customers flee a data-breached business, but what about the data itself? If that data is lost or stolen, it impacts the business’ ability to carry on. Data’s value in the business is well known in everything from analytics to marketing campaign creation;losing that data is lost progress across the entire business. This can have impact on everything from operations to innovation into future developments.
Lack of focus
Don’t count on IT as your only line of security. IT has enough to do keeping the network running and the operators’ issues settled. Make sure your security is dedicated security — whether that be staff or an external provider. Whoever it is might report to IT, but they should be purely devoted to the security technologies your business needs.
Not every threat can be investigated with the rapidity and thoroughness a threat deserves. Some threats are even false alarms; just look at what happened in Hawaii recently. Prioritizing threats to investigate also takes time, and sometimes, the biggest threats aren’t investigated quickly enough. This discrepancy makes for trouble, as minor threats are investigated ahead of their due, while major threats can go without proper response.
A lack of visibility
As Donald Rumsfeld once noted, sometimes we don’t even know what problems we need to face. These “unknown unknowns” mean we must have better visibility into operations. Several tools have emerged to help provide that necessary visibility, but such tools need to be put in place before the next threat. It’s hard to overstate how important visibility into a system’s workings are; the more problems that can be spotted, the fewer problems are likely to go unaddressed. A security technology provider can shed light on the latest tools a mid-market business needs to gain better visibility into the network.
What should mid-market businesses do next?
If you’re looking at your own security measures and finding them a bit wanting, then get in touch with us at Coretelligent. We’re ready to offer you an expert, holistic approach to security that lets you protect not only your technology, but also your processes. We can even provide education about threats to come, making your business more likely to survive tomorrow’s threats today.