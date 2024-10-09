Comment - Cyber Awareness Month - Innes Muir, Logpoint

October 2024 by Innes Muir, Regional Manager, MSSPs, UK, EIRE and RoW, at Logpoint.

“Cyber Awareness Month is now 20 years’ old yet we still see the same security issues leading to attack. Most attacks are opportunistic in nature – they exploit a lack of basic cyber hygiene – and it’s putting these controls in place that the National Cybersecurity Alliance, which established the initiative, is promoting this month. Effective password management, multi-factor authentication (MFA), spotting and reporting phishing attacks and updating software are all on the list but these require the organisation to keep up to speed with their defences and the evolving threat spectrum.

Most organisations continue to find implementing these controls challenging. The Cyber Security Breaches Survey 2024 found that while that while 72% had a password policy, just over half (54%) had an agreed process for staff to follow with respect to fraudulent emails/websites, and only 39% had 2FA (let alone MFA), and 34% a policy to apply security updates within 14 days. It’s a picture that only worsens when it comes to SMBs. Armed with limited resources, rising costs and dwindling budgets, and faced with a shortage of cybersecurity professionals, these businesses struggle even more to cope with the day-to-day machinations of maintaining a secure network.

There are ways in which this sector can embrace cybersecurity more effectively, however. Automating threat hunting, detection and incident response can dramatically improve the ability of the enterprise to spot and stop attacks using a Security Incident and Event Management (SIEM) platform. Previously the preserve of big business, technological innovation has now placed this technology within reach of the SMB allowing them to detect issues in realtime. It’s also possible to combine the technology with other offerings such as Security Orchestration Automation and Response, automating response and remediation of issues.

But for those businesses who do not want to manage their cybersecurity, Managed Detection and Response (MDR) may well be a better solution. It sees a third-party provider ie an MSSP provide a service that combines the capabilities of the SIEM with a response team, providing the business with a 24x7 solution. In either scenario, implementing a SIEM enables the SMB to dramatically improve its security posture and cyber hygiene without taking the focus away from its core line of business.”