When big business falls prey to cybercrime, we see a frightening picture of how costly and invasive a security breach can be. Behind the high-profile headlines and big-name corporations, the reality is even grimmer. In truth, the impact of cyberattacks on small to medium-sized businesses (SMBs) is more damaging and more prevalent. The Verizon 2018 Data Breach Investigations Report indicates 58% of malware attacks target small businesses. SMBs are prime targets for hackers because they have more digital assets than an individual consumer, making a successful hack more profitable. At the same time, they tend to have fewer security protocols and protections in place than larger corporations.
After an Attack – the Price to Pay
In addition to being more attractive targets for cyberattacks, SMBs stand to lose much more from a successful breach and are thus more likely to cave to ransomware demands. Besides paralyzing operations and damage to brand collateral, a study by the U.S. National Cyber Security Alliance reveals that small companies pay an average of $690,000 to recover from hacking incidents, while mid-sized companies average costs of over $1 million. Worse yet, six months after a cyberattack, a full 60% of targeted small businesses have shuttered their doors. By two years after an attack, this statistic escalates to 90%. An effective, Next Generation Firewall (NGFW) is essential to ensuring your business is protected from cyberattacks, but the wide array of market offerings vary in price, features and benefits. In evaluating which is right for your needs, consider these important differentiators:
The Top Three Differentiators to Look for in a Firewall
1. DPI-SSL Inspection. The use of Secure Socket Layer (SSL) encryption technology has exploded over the last few years as a result of both evolving applications that put sensitive data requiring protection in the cloud and a push by Google and others to embrace the technology. In fact, 75% of all web traffic is now encrypted and all forecasts predict even further rapid adoption. While the use of encryption makes it harder for cybercriminals to hijack and exploit sensitive data, it opens up a new vulnerability. Unless your firewall can inspect encrypted traffic, the same tool that protects your data can mask malware, allowing it to slip past your firewall undetected. This has not gone unnoticed and unexploited by cybercriminals. SonicWALL recently released a whitepaper stating encrypted attacks have increased by 275% since 2017. Deep Packet Inspection of Secure Socket Layers (DPI-SSL) allows your firewall to examine not just the 25% of traffic that is unsecured or not encrypted, but also the 75% of SSL encrypted traffic by unpacking and scanning the code for threats and blocking encrypted attacks. Unfortunately, most organizations have not implemented DPI-SSL inspection, leaving them exposed to malware lurking in 75% of the traffic traveling their network. SonicWall’s Security Center allows visitors to see in real-time just how prevalent cyberattacks are and their specific nature, including an upward trend in Malware using HTTPS. SonicWall Security Center Cyber Threat Map
SonicWall Security Center Cyber Threat Map
2. Cloud Sandboxing to Analyze Suspicious Code. The term “sandbox” refers to the separate testing environment that allows your firewall to examine a potentially harmful file or link safely, and determine its nature. The idea of sandboxing, of course, has been around for many years, but the top tier NGFWs perform sandboxing virtually in the cloud so they are completely separated from the computer or any of the network devices.Suspicious code is examined for previously undetected malware or Zero-Day Threats. For example, last year, SonicWall, a leading provider of firewalls, discovered and created protections for 56 million new forms of malware.
3. Fully Managed 24/7 Security Monitoring by Highly Qualified Professionals. In today’s environment, 24/7 security monitoring is essential to adequately protect your business from potential cybercrime. However, establishing and maintaining the infrastructure necessary for adequate protection can be both challenging and costly given the shortage of qualified cybersecurity professionals that makes recruiting difficult and drives salaries up. In the face of this shortage, many SMBs are unable to adequately staff an effective Security Operations Center (SOC) bench of players, leaving their organizations critically under protected. According to the 2018 (ISC)²Cybersecurity Workforce Study, there is a widening global cybersecurity workforce gap of nearly three million that has been characterized as an industry crisis. 59% of the surveyed companies say the shortage of dedicated cybersecurity staff leaves their organization prone to moderate or extreme risk of attack. This cybersecurity workforce gap is now the #1 job concern of security professionals, outranking even inadequate budgets. The most acute shortage is in highly skilled technical staff in mission critical roles such as vulnerability assessment and cyber defense infrastructure support. While artificial intelligence (AI) and machine learning are helping to offset the crisis, there is still a dearth of high caliber professionals with the ability to design secure systems and hunt down hidden vulnerabilities. In response, many CIOs turn to outsourcing this critical role to a managed security service provider (MSSP) who is staffed up with certified experts round the clock.
A Better Approach – Managed Security
Even though there are compelling reasons for SMBs to be hyper-vigilant, too many remain under-protected. The constantly changing security landscape means staying current is time and capital-intensive. Letting employee knowledge and infrastructure become out-of-date is an easy trap to fall into for leaders who are prioritizing organizational growth, managing cash flow and other mission critical objectives. While most SMBs have invested in firewalls, they can foster a false sense of security. Not all firewalls are created equally, and even the most sophisticated firewall can quickly become obsolete without regular maintenance and real-time response. In an environment where over 75% of web traffic is encrypted, the old Unified Threat Management approach of “set it and forget it” does not afford adequate protection. Yet many SMBs lack resources for an in-house IT department and the budget to hire a trained security expert and invest in buying and maintaining security hardware and software.
Fortunately, SMBs can take advantage of AireSpring’s Managed Security Service combining a SonicWall firewall appliance and Advanced Gateway Security Services including patented intrusion prevention and content filtering technology into a single solution. AireSpring’s new SonicWall Capture Advanced Threat Protection (ATP) is a cloud-based network sandbox, designed to analyze suspicious code in order to help discover and stop Zero-Day Threats from invading your network. The SonicWall solution includes Real-Time Deep Memory Inspection (RTDMI) which allows the firewall to detect and block encrypted malware. AireSpring delivers the hardware, sets-up and configures the equipment, and performs ongoing administration, monitoring and maintenance to ensure that your security remains state-of-the-art for a low monthly recurring charge. In addition to reducing the cost of adequately protecting your business, these services free up valuable staff to focus on other strategic initiatives. Our certified security experts provide you with an effective SOC with 24X7X365 monitoring and support including comprehensive insights into your security landscape. The solution is scalable to keep pace with your organization’s changing needs.
If ensuring that your organization is adequately protected is on your list of strategic priorities, and it should be, contact your authorized AireSpring Partner or your AireSpring Account Manager at 888.346.3898 or by email, to see how we can cost-effectively provide state-of-the-art protection, giving you the assurance that your organization has the best available protection from a cyberattack.