5 technologies that help
prevent cyberattacks for SMBs
Now more than ever, threat actors are trying to attack company networks. In fact, there were 50% more attack attempts per week on corporate networks globally in 2021 than in 2020.
Small-and-medium-sized businesses need to be on the lookout particularly, as cybercriminals are more likely to target them for their perceived (and sometimes actual) lack of cyberdefenses.
This article focuses on helping to prevent cyberattacks purely through technology; though of course, businesses need a combination of technology, people, and strategy to truly become cyber resilient.
That being said, security experts advise against relying solely on a single technology or technique to protect business endpoints. Effective prevention requires a layered approach capable of addressing not only today’s threats, but preventing tomorrow’s as well.
In this post, we break down five must-have technologies that help prevent cyberattacks for SMBs.
Your level of prevention is determined by
how much risk you accept to take on
There are two extremes to prevent cyberattacks: Overly permissive prevention and absolute prevention—and where you fall on that spectrum depends on the level of risk in your organization.
Let’s start over at one end of the extreme.
In the medical industry for example, doctors in large hospitals use a virtual machine. The machine they use operates in a virtual environment, and that virtual environment is destroyed and recreated when they log back in in another room. They can't install anything or change anything. Data is kept separate.
Moving towards the other end of the extreme, you might find startups or smaller companies with very lax prevention. Something like, “Here's a laptop. We've provided you with the basic software, call us if you have a problem.”
What’s important to note here is that, because the risk level of every organization is different, there's no “one-size-fits-all” approach to prevent cyberattacks. Your level of prevention will vary drastically depending on industry, company size, and so on.
Having said that, the average small-to-medium-sized business falls somewhere in the middle of these two extremes. At a medium level of risk, you want to find that perfect balance between too strict and too permissive.
Remember the maxim: The cyberattacks you cannot prevent, you need to mitigate. For mitigation, we assume your business uses (outsources) endpoint detection and response—but you still need the right technology to prevent cyberattacks in the first place. Especially ransomware.
The question for any IT leader then is: What can I prevent, without slowing down my business?
5 technologies that help prevent cyber attacks for SMBs (ranked in order of importance)
(Note: these aren’t hard-and-fast rankings, just a good rule of thumb. They may look different for your individual business—for example, you might put 2FA first before anything else and that’s totally OK.)
1. Endpoint protection
Before anything else, endpoint protection should be the first thing you set out to pair with your EDR.
Through a combination of web protection, application hardening, and more, EP provides businesses with full attack chain protection against both known and unknown malware, ransomware, and zero-hour threats. Multi-stage attack protection provides the ability to stop an attacker at every step.
Read our “Endpoint Protection Buyers Guide” for details of the core requirements to help you navigate your enterprise endpoint protection solution analysis, which provides a solution questionnaire to help you with your evaluation process.
Read more: What is endpoint protection?
2. Vulnerability assessment
AND patch management (tied)
Hold on a sec, you’re telling me vulnerability assessment and patch management are preventative? Don’t both of these mitigate being compromised, since the vulnerability is already technically present?
Well, sure—but the only surefire way to prevent a vulnerability from being exploited is through patching it. Therefore, the process of finding vulnerabilities (and categorizing them by severity) so that you can then systematically patch them before they can be exploited, are two vital preventative measures.
And no, you don’t want to do either of these things manually if you can help it. A vulnerability assessment platform can automatically find and score vulnerabilities with the Common Vulnerability Scoring System (CVSS), while a patch management platform can help you patch those vulnerabilities automatically.
3. DNS filtering
The next technology you need to prevent cyberattacks is a DNS filter. But first, a little bit about what DNS (domain name system) is.
Every time a customer types in your web address, their computer makes a request to a DNS server. The DNS server, in turn, tells the computer where to go. If all goes well, then voila, your customer is at your website.
A DNS filter prevents you from accessing unsafe websites—including those posing a strong malware risk. But which web-based cyberthreats in particular does DNS filtering stop, you ask? There are three big ones:
Phishing: If you have a DNS filter, as soon as someone in your business clicks a link to a malicious website, they’re prevented from visiting it.
DDoS attacks: Being able to continuously monitor DNS activity is a great way to catch the warning signs of a DNS DDoS attack—and with a DNS filter, you can do exactly that.
Machine-in-the-middle attacks: A good DNS filter uses DNS encryption, which secures the connection between your computer and the DNS resolver. That way, cybercriminals cannot sit between you and feed you spoofed DNS entries.
4. Cloud scanning
No matter what cloud storage service you use, you likely store a lot of data: A mid-sized company can easily have over 40TB of data stored in the form of millions of files.
Needless to say, it can be difficult to monitor and control all the activity in and out of cloud storage repositories, making it easy for malware to hide in the noise as it makes its way to the cloud. That’s where cloud storage scanning comes in.
Most cloud storage apps already have malware-scanning capabilities. However, businesses use multiple different cloud storage repositories, and due to lack of integration options, they are unable to get a centralized view of all of their scan results, across multiple repositories, in a single pane of glass.
To better prevent cyberattacks, look for a cloud scanning service that uses multiple anti-malware engines, using a combination of signatures, heuristics and machine learning to increase detection rates. Also, look for one that provides a comprehensive view to monitor the health of all your enterprise data.
wo-factor authentication (2FA) is a cost-effective option for SMBs. 2FA adds an extra layer of protection by asking users to provide two forms of identification to prove their validity.
According to Robert Zamani, Regional Vice President, Americas Solutions Engineering at Malwarebytes, 2FA is relatively quick and easy to implement.
“2FA is simple." says Zamani. "You roll a device quickly, you enroll a device—that's something they have, which is usually a smartphone—something they know, which is a password—and then you enforce password minimum.”