Industry roundtable explores weaknesses in SME cybersecurity

~ Panel highlights weak areas including IoT devices, the impact of AI and poor incident-response plans ~

A cybersecurity roundtable has found that SMEs can better protect themselves in three key areas. These include moving away from antivirus towards AI-driven extended detection and response (XDR) platforms, tackling the proliferation of IoT devices and building a robust incident-response for evolving cyber threats. The event, which was held at the headquarters of London-based IT service provider OryxAlign, featured key panellists including experts from ConnectWise and Ingram Micro, as well as OryxAlign.

The discussion emphasised emerging technologies like the Internet of Things (IoT) and smart devices. Recent figures show a surge in IoT cyber-attacks, reaching 112 million last year, an 80 million increase from the previous year.

“IoT devices pose a significant risk because of the number of devices. Although we call them smart devices, they’re closer to dumb devices like microwaves or washing machines, carrying out a single, specific task,” explained Martin Wegrostek, Cyber Security Manager at OryxAlign. “While most legacy sites initially air-gapped their networks, this security may have eroded over time, as people added devices to the network. Walking into that site today, you may see cables running from switches to firewalls, compromising the air gap. The IoT device now has internet access, is plugged into the network, and the IT team is unaware of it.”

Traditionally, the IT department never got involved with the heating of a building, for example. However, facility managers might want ‘smart’ heating, which needs a control panel. The smart device is connected to the network, and anything connected to the network is a security risk.

Advanced AI-powered techniques were also discussed. Criminals use data from social networks, cookies, and online activities to create precise, hard-to-detect personalised attacks. According to the Information Commissioner’s Office (ICO), phishing emails are now the leading form of cyber-attack, constituting 36 per cent of cyber-attacks, while previous leader ransomware only constitutes 34 per cent.

Just as criminals use AI, so too do IT departments and managed service providers (MSPs). XDR uses AI and machine learning to find sophisticated malware in a system. As a result, bad actors are moving faster.

“Dwell time has reduced from days and months to hours. Criminals are getting in and out quickly because they know that AI detection software will find them fast,” commented Wegrostek. “They’re not creeping around for months to see how far they can spread. They’re getting in, detonating, then getting out fast, which makes it difficult for traditional security to block.”

Addressing this kind of shadow IT helps businesses proactively secure their IT environment and defend against evolving cyber threats. With the rise of hybrid and remote working, the threat landscape is expanding, making it crucial for businesses to enhance their cybersecurity measures.

The rise of hybrid and remote work has expanded cyber threats. Insecure home networks, outdated personal devices, and vulnerable public Wi-Fi creates opportunities for cybercriminals. Attacks are more likely in these setups, making it even more critical that businesses secure their systems proactively.

It’s almost inevitable that a company will be attacked, so how you respond is critical. “With any cyber-attack, they are looking for you to make mistakes,” explained Andre Lynch, Cyber Security Specialist for ConnectWise. “They want you to respond urgently. They want you to panic. If you don’t have an incident response plan in place, you will rush to pay that ransom, even though they probably aren’t going to provide you with the decryption key, or if they do, it will be faulty. That’s why a response plan is so essential because it methodically lists all the things you need to do. It’s a plan you need to practice.”

Ahmed Soliman, Cyber Security Specialist for Ingram Micro, added that small and medium-sized businesses are more at risk. “Keep in mind, when a cybercriminal launches a ransomware attack, the success will depend on the company’s size. If it’s a small company, they know the attack will succeed because the company doesn’t have the basics in place like policy and procedures, data backup, datastore policies, strong passwords, and phishing awareness.”

To hear more from the cybersecurity experts about their views on the future of cybersecurity, watch the full roundtable meeting at the link, or to talk to a specialist on how you can better protect your business online, visit the OryxAlign website.