Firewalls: No Longer a Sufficient Cyberattack Defense Alone

by Mike Frane
September 17, 2018

The headlines are so common that we all understand clearly: Cyberattacks have become a constant fact of life.

But with most of those headlines trumpeting attacks on major corporations and government agencies, it’s easy to overlook the fact that small to medium-sized businesses (SMBs) are also under attack – and typically are more vulnerable than larger enterprises. Consider:

  • 61% of last year’s breaches occurred at SMBs, up from 53% the previous year.1
  • Losses from the worst cyber breaches range from $84,000 and $148,000, and 60% of SMBs cease to exist within six months of a significant attack.2

What makes these businesses so vulnerable? Insufficient defense. SMBs too often leave network security to the firewalls that alone served so well years ago. Those days have past.

Firewall unable to combat a cyberattack

Times have changed – dramatically

When firewalls became the standard network defense, there were no employee-owned smartphones on SMB networks, phishing was easy to spot, ransomware hadn’t been invented, and all applications ran locally.

Since then, the advent of cloud-based services, remote working, BYOD computing, and many other factors have exponentially increased SMB vulnerability. While firewalls are still a core protection element, they are no longer sufficient by themselves.

What’s an SMB to do?

Small to medium-sized businesses often feel hamstrung by limited IT staffs and budgets, and the sheer number of security solutions available can seem overwhelming. It doesn’t have to be that way.

For starters, not every business needs every defense. A thorough audit of your risk level, potential security weaknesses, and security readiness can reveal where you’re in good shape, and what deficiencies you need to correct – which can often be handled cost-efficiently by a managed service.

Correction may include a managed firewall built for current realities, and perhaps a managed cloud firewall, and DDoS mitigation as well.  It may mean beefing up email and web security. If you have remote workers, you may need more secure VPN access that connects them to your network.  You may also opt for unified threat management. The right combination of security solutions depends on current vulnerabilities and needs specific to your business.

Regardless, you do need protection from breaches and the dire consequences that can follow. The best place to start is by contacting a provider of managed network security services that is highly adept at keeping SMB networks like yours thoroughly secure.

1 http://www.veille.ma/IMG/pdf/2017_state_of_cybersecurity_in_small_medium-sized_businesses.pdf
2 https://upscapital.com/product-services/cyber-liability-insurance/