As budgets shrink, one of the expenditures perennially on the chopping block is likely to be the funds allocated to IT security. The fact that security adds no obvious or immediate benefit to the operations of the IT department makes the pressure even more intense.
However, a couple of recent developments highlight the importance of security to SMBs.
Growth of malware
More than 30 percent of all computers scanned around the world have malware, according to a recent report by anti-malware firm PandaLabs. Indeed, researchers from the security vendor estimate that 27 million new strains of malware were created in 2012 alone; the company’s malware database has about 125 million signatures to date.
The heart of the issue is related to how hackers were able to automate the creation of new malware variants, creating approximately 74,000 malware every day. Though the press release went on to highlight its cloud-based counter-measures, it is not hard to imagine that this technique used by malware writers is having some success against signature-based anti-malware defenses. You can download the PandaLabs Annual Report 2012 summary here (pdf).
The threat of cyber warfare
Separately, Twitter earlier this month announced that it has detected and halted a cyber attack in which hackers made off with data for 250,000 accounts. This includes the salted passwords, which can be cracked with sufficient time and processing capabilities.
This comes on the back of high-profile hack attacks targeting organizations such as The New York Times and The Wall Street Journal, illustrating how cyber attacks can succeed even against technically advanced or larger organizations.
Defending against the threats
If there were one certainty about IT security, it would be how there can never be guarantees of security as long as systems are wired to the Internet. Fortunately, there are steps that small and mid-sized businesses can adopt in order to dramatically improve their chances of not becoming a victim of a security breach or malware.
For one, SMBs may want to reconsider relying solely on the blacklisting approach of traditional anti-malware defenses. I have previously covered the topic of whitelisting at length, noting how it can be used to better secure computer workstations against unknown threats by locking down existing files. And, yes, whitelisting can be used in tandem with traditional anti-virus, too.
As I wrote earlier in “Improving Your Defenses Against Security Weaknesses,” there are fundamentals to be covered such as implementing basic security defenses as well as training users to thwart social-engineering attempts and reduce risky online behaviors. Finally, another thing that can be done would be to implement data encryption.
Ultimately, defending against cyber warfare waged by highly motivated and talented hackers may be trickier with the limited resources of most SMBs. If you’ve read my interview with Sugiarto Koh, regional director of Sourcefire in Southeast Asia, it becomes clear that security is really a combination of protection desired and the appropriate budget to achieve that. As such, it makes sense to avoid cutting your security budget without due consideration.