You ve probably heard about the massive data breach of customer records from the controversial infidelity website Ashley Madison.
Details on about 37 million Ashley Madison customers were exposed when malicious hackers published a database of their names, email addresses and even more intimate information on a dark web forum. The hackers also leaked internal corporate data including the private emails of Ashley Madison s CEO. The consequences of the breach are potentially devastating for Ashley Madison s customers, but the company is also facing serious fallout, including class action lawsuits and incalculable brand damage.
Many small and mid-sized business leaders might be thinking: I don t need to worry about that no one would be interested in attacking my business.
But that is just not the case. In 2015, 74% of small businesses experienced a security breach, according to a PwC report. The US Department of Homeland Security found that cybercriminals target small business bank accounts more than any other sector.
SMBs are also frequently targeted by cybercrooks using sophisticated tricks, from phishing to fake invoices to scam them out of millions.
The reason is simple too often, SMBs do not have the necessary protection, making them low-hanging fruit for cybercriminals.
The costs are staggering. A recent study from the Centre for Economics and Business Research (CEBR)1 found that data breaches cost UK businesses 34 billion a year. The report suggests 18 billion is in lost revenue and 16 billion in added security measures after breaches have occurred.
The problem is global.
According to a 2015 Ponemon Institute study2, the average cost globally of a data breach to an organisation has reached $3.8 million on average, $154 for every single compromised record. It s significantly higher in the US and Germany, where the costs are $217 and $211 per compromised record. Of course, companies who sell cyber security services would quote big numbers wouldn t they?
But you do
Joined-up Security Can Cut the Cost of Data Breaches for SMBs Chris Weeds, Director of Network Security Product Marketing, Sophos have to wonder if those billions are being spent effectively. As leaders in the security industry, Sophos has a crucial role to play to ensure they are. We need to deal with the growing complexity of threats, but without introducing more complex solutions, at higher cost.
This is especially important for SMBs which don t have the resources of large enterprises. Although over 95% of organisations fall into the SMB category, almost all security solutions are designed for large enterprises with big IT departments and these security products are just too complex for the resource-strapped SMB.
All too often we see SMBs using multiple products that work separately to defeat separate elements of the threat. Products they don t have the time or expertise to properly manage.
The result is disjointed and ineffective security, putting IT managers and their budgets under tighter scrutiny. We advise our customers to think about joined-up security, rather than layering on new products each time there s a new threat.
To stop complex threats you need security products that can work together as a system to protect the end user and corporate data, across all points of the network.
SMBs need security solutions that evolve, automatically integrating new protection technologies into existing agents and consoles, and that share intelligence and policies across the different points of protection.
Very often, security breaches are the result of simple oversights, and a security framework that is integrated, coordinated, and context-aware will reduce the risks.
Ultimately, this kind of integrated security will reduce costs and improve security at the same time, simply by requiring fewer products to procure, deploy, manage and maintain.
You ve probably guessed that this is the Sophos approach to developing products. Wherever we can, we integrate security functions across all points to improve overall protection.
Examples of how Sophos protection is synchronised and consistent at every point include Web + Endpoint policy and enforcement synchronisation; Firewall + Mobile Device Management network access control; Endpoint + Email DLP content control lists and encryption integration; and Next-Gen Enduser technologies like Malicious Traffic Detection.
Sophos new technologies announced in November take this to the next level, creating a truly connected endpoint and firewall security system that simplifies prevention, detection and response to advanced malware and targeted attacks. This technology shares crucial information between the endpoint and the firewall to help organisations deal with today s complex threats.
The final step in protection is education and training to help employees understand the simple steps to secure themselves and the business where they work. So, with smart investment in the education of staff and products that work better together, let s hope we see more businesses reducing the risk of breaches and the associated costs.
Sophos Project Galileo download the briefing document on their synchronised approach to security.1
Chris Weeds, Director of Network Security Product Marketing, Sophos
1.
Cyberattacks Cost UK Businesses Over 34 billion, 10th June 2015.
2.
Ponemon Institute s 2015 Global Cost of Data Breach Study.
References
The post Joined-up Security Can Cut the Cost of Data Breaches for SMBs appeared first on News4Security.