Home CISO STRATEGY Safeguarding SMBs: Trends, challenges, best practices & smart security strategies

Safeguarding SMBs: Trends, challenges, best practices & smart security strategies

May 26, 2023

Don’t miss this outstanding, knowledge-packed CyberTalk.org interview with Shahar Divon, Head of Global SMB Sales at Check Point. He delves into Small-to-Medium Business (SMB) security trends, shares common SMB security challenges, recommends best practices and provides additional invaluable insights into advancing SMB cyber risk resilience. Get ready for an eye-opening conversation.

Help readers get to know you. Please tell us a bit about the scope of your role at CP?

I lead the global SMB sales at Check Point, working alongside local sales teams, distributors and telcos to provide top-notch security solutions for their SMB customers. With a decade of experience in the cyber security industry, my expertise extends from working for distributors and channels to successfully building managed SMB services with service providers. Over the course of nearly six years, I have built and developed the SMB business at Check Point, introducing innovative value propositions to cater to the evolving needs of SMB customers.

What are the threat trends that you’re seeing among SMBs right now?

The increase in threat actors and the commercialization of their attack tools have made SMBs a profitable and “easy target” for cyber criminals. It is therefore no surprise that the threat trends amongst SMBs are no different from those of enterprises; phishing, social engineering, supply chain attacks, ransomware, cloud security and more. The main differentiator with SMBs is that, much of the time, they face resource constraints and do not have enough budget to dedicate to cyber attack prevention. This is especially true in days of economic crises and high inflation rates, when SMBs are looking to cut their expenses – often times their IT budget.

Are SMB security leaders prepared for these threats?

I believe that SMB security leaders who outsource their cyber security to MSPs will be prepared for these threats. Unlike SMBs, which are mostly focused on their primary business, most MSPs are dedicated to cyber security and possess specialized knowledge and expertise in the field. They stay up-to-date with the latest threats, technologies, and best practices, which can be challenging for organizations to maintain in-house.

What is getting in the way of more action and better leadership around SMB security?

SMB owners are often reluctant to invest in cyber security because they fear it is too expensive and requires expertise that they don’t have. MSPs can change this perception and can provide affordable security to their SMB customers.

What are the top 2-3 things that SMB security leaders should focus on in 2023?

1. SMBs are vulnerable to cyber attacks not only on-premise, but also as employees are on the road and at home. Therefore, security leaders need to make sure that all attack vectors are covered by proper security measures.

2. Growing use of cloud services, such as cloud-based email and chat services, require proper security tools.

3. SMBs need to keep a ‘cyber-hygiene’ focused environment. They can do this through the implementation of strong passwords, frequent password changes, a third-party identity provider (ie. Azure AD, Octa, etc) for logging onto cloud services, downloads of the latest software patches on their on-premise software, and by educating employees about how to identify phishing emails.

In looking at the pros and cons of outsourcing security, when should SMBs move to MSP?

SMBs should move to MSP when they have limited resources to invest in building and managing an in-house security team and when they are looking to concentrate their efforts and resources on their strategic business goals.

If searching for an MSP, what should SMB leaders think about or ask of providers?

Check the MSP’s experience in the cyber security industry
Ask for references or case studies pertaining to SMBs
Make sure the MSP can provide 24/7 monitoring
Ask whether the MSP offers scalable solutions that can accommodate the SMB’s growth
Ask about what security technologies and tools they offer. Specifically, do they cover all attack vectors including network, email, mobile and endpoint?

Can you suggest additional cyber security resources for SMBs?

I recommend that SMBs read Verizon’s “2022 Data Breach Investigations” report to familiarize themselves with the latest Small Business Data Breach statistics. In addition, I advise them to visit Check Point Research to keep up with relevant updates in cyber security.