This Processor piece starts from the common-sense perspective that small- and medium-size businesses generally don't have the staff to deal with security emergencies. If a problem occurs, a whole department can't be put on the case, as enterprises can. For that reason, it is even more important to have a Security Incident Management Plan (SIMP) ready to go when the problem emerges.
The piece outlines why a SIMP is important and what should be in a good one. The first goal is simply to calm the situation and provide some hope that disaster can be averted. Such plans also are guides for management, ensure that all the important people in the organization are kept informed and set up a structure that makes successful compliance with Sarbanes-Oxley, the Health Insurance Portability and Accountability Act and other regulatory obligations more likely.
The story says the plan should define what an incident is, who will be involved in the response, information about processes and decision points and how communications should be conducted. Sidebars further describe the focus of a SIMP and suggests the types of actions ("prevention," "detection," etc.) that it should contain. It can be used in conjunction with assessment tools, such as the Microsoft Security Assessment Tool (MSAT) released in December.
The only drawback of this interesting Baseline article is that it doesn't provide a concise definition of security- information management (SIM). It outlines a Forrester analyst's views that SIM will become a more important tool for SMBs. It is apparent from the context that SIM is a way to identify security problems in real time and put an immediate response in motion.
Forrester says that during the next four years, the number of SMBs using SIM will "skyrocket" from where it is now -- less than 1 percent of the sector -- to almost 30 percent. The overall SIM market will grow from $524 million in 2007 to $1.13 billion in 2011, the company says.
During 2007, it became clear that physical and cyber security increasingly are cross-pollinating in interesting ways. In early December, Cisco division Linksys released the Wireless-G Business Internet Video Camera with Audio. The WVC2300, the company says, when combined with the Business Internet Video Camera with Audio and PoE (PVC2300) improve the physical surveillance of small offices and home offices. The release offers a list of 11 features, including Wi-Fi Protected Access 2 and quality of service; a maximum resolution of 640 x 480 pixels; a frame rate of 30 frames per second; I/O ports for alarm triggers and on/off light switches and others.
SMBs also can be on the front lines of the evolving security landscape. This PC World piece, which focuses on smaller security vendors, says malware is becoming so varied that signature-based antivirus approaches can be overwhelmed. The next step, the story says, is for vendors to use customers' end-point devices to collect data on malware as it emerges. It is important to note that vendors who best understand SMBs' needs and ways of doing business will reap great rewards in 2008.
SMBs, which don't have the manpower or skills to fight the increasingly organized criminal underground, must think smart. That begins with education and awareness and extends to innovative techniques and savvy technology choices.