Security News

Assuming you're not a target leads to lax security practices in many SMBs who lack the knowledge or expertise to put simple security steps in place. According to a Cyber Security Breaches Survey, businesses that hold electronic personal data of their customers are more likely than average to have had breaches.

Assuming you're not a target leads to lax security practices in many SMBs who lack the knowledge or expertise to put simple security steps in place. According to a Cyber Security Breaches Survey, businesses that hold electronic personal data of their customers are more likely than average to have had breaches.

Microsoft announced today the availability of Azure DDoS IP Protection in public preview, a new and fully managed DDoS Protection pay-per-protected IP model tailored to small and midsize businesses.Unlike the enterprise offering, DDoS IP Protection does not have support for DDoS rapid response support, cost protection, and discounts on WAF. "With the DDoS IP Protection SKU, customers now have the flexibility to enable DDoS protection on individual public IP addresses," Microsoft Senior Product Manager for Azure Networking Amir Dahan said.

Attackers view smaller organizations as having fewer security protocols in place, therefore requiring less effort to compromise. Lumu has found that compromise is significantly different for small businesses than for medium-sized and large enterprises.

Coalition announced the mid-year update to its 2022 Cyber Claims Report detailing the evolution of cyber trends, revealinig that small businesses have become bigger targets, overall incidents are down, and ransomware attacks are declining as demands go unpaid. "Across industries, we continue to see high-profile attacks targeting organizations with weak or exposed infrastructure - which has become exacerbated by today's remote working culture and companies' dependence on third-party vendors," said Catherine Lyle, Coalition's Head of Claims.

Cybercriminals and threat actors work around the clock, with attacks originating from around the world. All businesses, including SMBs, need to be always on alert for new threats and available to respond at any moment to an incident.

While 81% of SMBs are monitored by a security operations center, 57% do not operate 24 hours a day, 7 days a week. Considering that 69% of SMBs feel they are facing critical and expanding cybersecurity threats and 75% say cyberattacks have increased in the past three years, the lack of 24/7 coverage continues to put SMBs at risk, according to a survey by Forrester and Pondurance.

SMBs, beware: Microsoft said this week it has discovered a North Korean crew targeting small businesses with ransomware since September of last year. After the gang gets its eponymous malware onto a victim's network, it follows the standard ransomware playbook: encrypt files, and demand a Bitcoin payment to restore the data.

A report released Tuesday by the Cyber Readiness Institute looks at the slow state of MFA adoption among SMBs. CRI surveyed 1,403 small business owners across the U.S., the U.K., New Zealand, Japan, India, Germany, Canada and Australia from May 2 to May 15. Among the respondents, 55% admitted that they're not very aware of MFA and its security benefits, while 54% said they haven't adopted MFA for their business.

MFA has been in use for decades and is widely recommended by cybersecurity experts, yet 55% of SMBs surveyed are not "Very aware" of MFA and its security benefits, and 54% do not use it for their business. Of the businesses that have not implemented MFA, 47% noted they either didn't understand MFA or didn't see its value.