The growth in attack volume on the SMB has grown exponentially because it’s easy. SMBs (and some public sector entities as well) tend to be well behind the security curve, making the organization an easy target of cybercrime.
The real target of cyber-crime is the SMB! In 2014, 60% of all known successful attacks where against small and medium businesses. And of those that were breached, 60% went out of business within 6 months.
While firewalls, IDS/IPS, AV, etc., are critical, improper configuration and management of these tools often create more risk. Many companies might not have the resources or expertise to know what to do if those tools alert them of a problem.
The most effective way to listen to these devices is to observe their every action and their communication patterns. Because these actions and “event logs” occur several times per second, many companies turn to a Security Information and Event Management tool (SIEM) to help make sense of the vast amount of machine data being generated.
Security products, to be effective, must be monitored and maintained 24/7 so that threats are detected and responded to immediately. Not an easy task for the typical SMB company that cannot afford around-the-clock security experts. Cisco agreed that “the worldwide shortage of information security professionals is at 1 million openings, even as cyber attacks and data breaches increase each year”.