Security News

Ninety-two percent of SMB executives said they believe their businesses are prepared to recover from a disaster. "That data suggests that there are either varying definitions of what it means to be able to recover from a disaster or, quite simply, a lack of understanding of what it truly means to be able to recover from a disaster. Make no mistake, if a business does not have a disaster recovery solution in place, or at the very least a solution to back up its data, there is no way it can get the data back from a data loss event."

Nearly one in seven senior decision makers said their organization has already experienced at least one cyberattack since the start of the COVID-19 pandemic, according to a new report by Alliant Cybersecurity. SEE: Cybersecurity: SMBs are keeping up with big companies, according to Cisco survey.

Cisco survey finds security experts at mid-sized companies have strong incident response plans and prioritize proactive threat hunting. Security teams at small businesses are just as good at defending corporate data and networks as their colleagues at bigger organizations, according to a new survey from Cisco.

Organizations hit by ransomware attacks can suffer several types of losses. A report released Tuesday by Infrascale illustrates how SMBs are faring at defending themselves against ransomware.

73% of those SMBs that have been the targets of ransomware attacks actually have paid a ransom, Infrascale reveals. B2B orgs were more likely to be ransomware targets than B2Cs. Business-to-business organizations were more likely to have experienced a ransomware attack than business-to-consumer entities, according to the Infrascale survey results.

Researchers have observed a new skimmer from the prolific Magecart Group that has been actively harvesting payment-card data from 19 different victim websites, mainly belonging to small- and medium-sized businesses, for several months. "In some cases, we've seen MakeFrame using compromised sites for all three of its functions - hosting the skimming code itself, loading the skimmer on other compromised websites and exfiltrating the stolen data," Herman and Ihm wrote.

"Data protection can come into play in a wide array of important ways - including data security and encryption, data recovery, email protection and data archiving. It also provides the ability to recover quickly from a disaster, protection from and mitigation of ransomware, and physical device protection. Plus, it can prevent user error," said Reeder. Top executives in education see data backup and data recovery as the most important aspects of data protection.

World Backup Day is March 31, and while cyberattacks are a potential threat to their data, many SMBs say they don't have a data backup or disaster recovery process, according to data protection company Infrascale. Among them, 49% said that cyberattacks are their biggest concern when it comes to protecting data, while 58% pointed to security vulnerabilities as their biggest data storage challenge.

An alarming number of SMBs in the US and UK are not prepared for a potential cyber attack or breach, BullGuard warns. One-third of companies with 50 or fewer employees report using free, consumer-grade cybersecurity, and one in five companies use no endpoint security whatsoever.

Leading the way is a Privileged Access Management solution called Devolutions Password Server, which provides enterprise-grade PAM features that offer SMBs a level of protection usually only afforded to large organizations. While every business is a potential target, SMBs face unique challenges from their enterprise counterparts - yet the majority of IT software solutions currently available are complex and go well beyond what most SMBs require.