Supply chain concern: SMEs ignore a quarter of alerts due to lack of resources

News by Jay Jay

SMEs may have finally grasped the challenges they face and are taking firm action to improve their cyber security, to prevent threat actors from leveraging flaws in their IT systems

Small and Medium Enterprises (SMEs) are often considered to be the most vulnerable to threat actors around the world not only because they store huge buckets of customer data and form the supply chain of larger organisations, but because of their inability to afford advanced threat intelligence solutions or talented cyber-security professionals compared to their larger peers.

This factor has been highlighted on various occasions amidst a major rise in the variety and frequency of cyber-threats targeting organisations as well as the arrival of tough data protection laws that prescribe punishing fines for organisations that fail to protect their data or abide by cyber-security guidelines.

A new survey commissioned by Armor indicates that SMEs may have finally grasped the challenges they face and are taking firm action to improve their cyber security, to prevent threat actors from leveraging flaws in their IT systems, and to avoid tough fines and reputational damage in the aftermath of a breach.

According to Armor, more than 80 percent of SMEs are planning to increase their cyber security budgets by 14 percent on average this year and at least 89 percent have dedicated executive-level personnel who are responsible for information security. These findings indicate that SMEs are not only taking steps to abide by statutory regulations such as GDPR but are also improving their threat detection and response capabilities.

The results are for all to see. The survey found that while security teams at 59 percent of SMEs can respond to security alerts in less than one hour, teams at 83 percent of SMEs can investigate and remediate confirmed threats in less than six hours.

"Small and mid-size enterprises, faced with the same threats and challenges as large enterprises, are making significant strides in improving their overall security posture. With cyber-security threats on the rise, it’s encouraging to see that SMEs are moving beyond basic security and are now tackling the more complex issues that come with the shift to a hybrid and multi-cloud infrastructure," said Aaron Sherrill, senior analyst for 451 Research who carried out the survey on behalf of Armor.

However, many challenges remain to be addressed. Executives and IT/security directors at SMEs said that they are increasingly relying on cloud solutions to store their data and run applications even though cloud security is one of their top security challenges. At the same time, the volume of security alerts that SMEs are receiving on a daily basis has grown so much that they are able to process only around 75 percent of all security alerts, indicating that a quarter of alerts remain unaddressed.

They stated that their inability to respond to all security alerts quickly is due to "competing priorities, a lack of resources, a lack of threat intelligence and a lack of automation". They are also struggling to effectively defend against the increasingly sophisticated cyber-threat landscape or protect their ever-expanding and increasingly complicated IT environment which includes traditional on-premises infrastructure, legacy environments and cloud infrastructures.

To secure their IT environments and to take on the increasingly sophisticated cyber-threat landscape, SMEs are now investing in additional or improved security tools, investing in threat intelligence, improving their visibility across clouds and on-premises infrastructures, and hiking their cyber-security budgets to fund these investments. However, considering that they are grappling with a lack of resources and a lack of automation, it would take a lot more time and resources for them to completely secure their IT environments.

Commenting on challenges faced by SMEs in cyber-space, Stephen Gailey, head of solutions architecture at Exabeam, told SC Media UK that the arrival of new security tools means that they are now detecting a large number of cyber-attacks and threats that were hitherto undetected.

"Secondly and perhaps more troubling, is that most modern security controls generate a vast amount of log data. Security monitoring solutions turn these events into alerts which must be dealt with by overworked security operations teams. The security operations centres are often forced to choose between a woeful lack of information or such a deluge that they can’t possibly see the real threats.

"All is not lost however, as a new breed of security monitoring solution built on Machine Learning and AI is beginning to emerge. These systems cut through the noise to reveal the real hidden threat beneath," he added.
