October 6, 2022
Cybercriminals are more likely to target small-and-medium businesses for their perceived (and sometimes actual) lack of cyberdefenses. In this post, we break down five must-have technologies that help prevent cyberattacks for SMBs. The intel you need to secure your business—delivered straight to your inbox From industry tips and best practices to the latest Malwarebytes product…

Cybercriminals are more likely to target small-and-medium businesses for their perceived (and sometimes actual) lack of cyberdefenses. In this post, we break down five must-have technologies that help prevent cyberattacks for SMBs.

The intel you need to secure your business—delivered straight to your inbox

From industry tips and best practices to the latest Malwarebytes product releases and how-tos, our Business newsletter is chock-full of the best of our business blog. Subscribe to our Business newsletter today.

Now more than ever, threat actors are trying to attack company networks. In fact, there were 50% more attack attempts per week on corporate networks globally in 2021 than in 2020.

Small-and-medium-sized businesses need to be on the lookout particularly, as cybercriminals are more likely to target them for their perceived (and sometimes actual) lack of cyberdefenses.

This article focuses on helping to prevent cyberattacks purely through technology; though of course, businesses need a combination of technology, people, and strategy to truly become cyber resilient

That being said, security experts advise against relying solely on a single technology or technique to protect business endpoints. Effective prevention requires a layered approach capable of addressing not only today’s threats, but preventing tomorrow’s as well. 

In this post, we break down five must-have technologies that help prevent cyberattacks for SMBs.

Your level of prevention is determined by how much risk you accept to take on

There are two extremes to prevent cyberattacks: Overly permissive prevention and absolute prevention—and where you fall on that spectrum depends on the level of risk in your organization.

Let’s start over at one end of the extreme. 

In the medical industry for example, doctors in large hospitals use a virtual machine. The machine they use operates in a virtual environment, and that virtual environment is destroyed and recreated when they log back in in another room. They can’t install anything or change anything. Data is kept separate. 

Moving towards the other end of the extreme, you might find startups or smaller companies with very lax prevention. Something like, “Here’s a laptop. We’ve provided you with the basic software, call us if you have a problem.”

What’s important to note here is that, because the risk level of every organization is different, there’s no “one-size-fits-all” approach to prevent cyberattacks. Your level of prevention will vary drastically depending on industry, company size, and so on.

Having said that, the average small-to-medium-sized business falls somewhere in the middle of these two extremes. At a medium level of risk, you want to find that perfect balance between too strict and too permissive. 

Remember the maxim: The cyberattacks you cannot prevent, you need to mitigate. For mitigation, we assume your business uses (outsources) endpoint detection and response—but you still need the right technology to prevent cyberattacks in the first place. Especially ransomware

Read Our Defender’s Guide to Ransomware Resilience!

The question for any IT leader then is: What can I prevent, without slowing down my business?

5 technologies that help prevent cyber attacks for SMBs (ranked in order of importance)

(Note: these aren’t hard-and-fast rankings, just a good rule of thumb. They may look different for your individual business—for example, you might put 2FA first before anything else and that’s totally OK.)

1. Endpoint protection

Before anything else, endpoint protection should be the first thing you set out to pair with your EDR.

Through a combination of web protection, application hardening, and more, EP provides businesses with full attack chain protection against both known and unknown malware, ransomware, and zero-hour threats. Multi-stage attack protection provides the ability to stop an attacker at every step.

Read our “Endpoint Protection Buyers Guide” for details of the core requirements to help you navigate your enterprise endpoint protection solution analysis, which provides a solution questionnaire to help you with your evaluation process.

Read more: What is endpoint protection?

2. Vulnerability assessment AND patch management (tied) 

Hold on a sec, you’re telling me vulnerability assessment and patch management are preventative? Don’t both of these mitigate being compromised, since the vulnerability is already technically present?

Well, sure—but the only surefire way to prevent a vulnerability from being exploited is through patching it. Therefore, the process of finding vulnerabilities (and categorizing them by severity) so that you can then systematically patch them before they can be exploited, are two vital preventative measures.

And no, you don’t want to do either of these things manually if you can help it. A vulnerability assessment platform can automatically find and score vulnerabilities with the Common Vulnerability Scoring System (CVSS), while a patch management platform can help you patch those vulnerabilities automatically.

Read more: Vulnerability response for SMBs: The Malwarebytes approach

3. DNS filtering

The next technology you need to prevent cyberattacks is a DNS filter. But first, a little bit about what DNS (domain name system) is. 

Every time a customer types in your web address, their computer makes a request to a DNS server. The DNS server, in turn, tells the computer where to go. If all goes well, then voila, your customer is at your website. 

A DNS filter prevents you from accessing unsafe websites—including those posing a strong malware risk. But which web-based cyberthreats in particular does DNS filtering stop, you ask? There are three big ones:

  • Phishing: If you have a DNS filter, as soon as someone in your business clicks a link to a malicious website, they’re prevented from visiting it. 

  • DDoS attacks: Being able to continuously monitor DNS activity is a great way to catch the warning signs of a DNS DDoS attack—and with a DNS filter, you can do exactly that.

  • Machine-in-the-middle attacks: A good DNS filter uses DNS encryption, which secures the connection between your computer and the DNS resolver. That way, cybercriminals cannot sit between you and feed you spoofed DNS entries.

Read more: 3 ways DNS filtering can save SMBs from cyberattacks

4. Cloud scanning

No matter what cloud storage service you use, you likely store a lot of data: A mid-sized company can easily have over 40TB of data stored in the form of millions of files. 

Needless to say, it can be difficult to monitor and control all the activity in and out of cloud storage repositories, making it easy for malware to hide in the noise as it makes its way to the cloud. That’s where cloud storage scanning comes in.

Most cloud storage apps already have malware-scanning capabilities. However, businesses use multiple different cloud storage repositories, and due to lack of integration options, they are unable to get a centralized view of all of their scan results, across multiple repositories, in a single pane of glass.

To better prevent cyberattacks, look for a cloud scanning service that uses multiple anti-malware engines, using a combination of signatures, heuristics and machine learning to increase detection rates. Also, look for one that provides a comprehensive view to monitor the health of all your enterprise data.

Read more: Cloud-based malware is on the rise. How can you secure your business?

5. 2FA

Two-factor authentication (2FA) is a cost-effective option for SMBs. 2FA adds an extra layer of protection by asking users to provide two forms of identification to prove their validity.

According to Robert Zamani, Regional Vice President, Americas Solutions Engineering at Malwarebytes, 2FA is relatively quick and easy to implement.

“2FA is simple.” says Zamani. “You roll a device quickly, you enroll a device—that’s something they have, which is usually a smartphone—something they know, which is a password—and then you enforce password minimum.”

Read more: Understanding the basics of two-factor authentication

Bonus: Cyber insurance 

OK, it’s not a technology, but hear me out.

Let’s say your business has just suffered a data breach and it’s time to dig deep in your pockets to pay all the resulting expenses. Without cyber insurance, you can expect to pay a dizzying amount of cash.

In 2022 alone, the average cost of a data breach for businesses under 1,000 employees was close to $3 million—and these costs are coming from activities that cyber insurers typically cover, such as detecting and responding to the breach.

So when it comes to preventing having to pay huge out of pocket costs in the event that you’re hit with a cyberattack, cyber insurance is a must. The harsh truth is that if you don’t have cyber insurance and are hit with ransomware with no way to recover files, you will likely go out of business—especially if you’re a small-and-medium-sized business. 

Read more: 4 ways businesses can save money on cyber insurance 

A “Matryoshka approach” to cyber prevention

Let’s recap. 

Relying solely on a single technology or technique to protect your businesses’ endpoints is a fool’s errand. 

At the same time, we have to understand that each business has different needs when it comes to prevention: Your level of risk is the chief decider of what tech you ultimately employ to prevent cyberattacks. Depending on your industry and company size, you could justifiably use all of these technologies and more—or none of them.

However, most SMBs will find themselves in the middle of the risk-prevention spectrum. To that end, the following are strongly recommended: Endpoint protection, VPM, DNS filtering, cloud storage scanning, and 2FA (and cyber insurance!). 

Of course, you can’t prevent 100% of threats. Therefore, you need an EDR solution to detect and respond to what does get through. That is to say, you should pair any preventative technology with an EDR solution, and a good EDR can seamlessly integrate with all of the preventative technologies listed here.

Want to see what effective prevention and response look like in action? See below for a live demonstration of Malwarebytes Endpoint Detection and Response (EDR):

TAKE ME TO a LIVE DEMO OF EDR!

Source