Problem 7 of 7 Things Wrong with Mid-Market Cyber Security
The threat faced by mid-market organisations is huge and growing. Yet, they do not always have access to the same level of protection as enterprises – even though the impact of a breach is often worse for smaller businesses. Enterprises enjoy the latest cyber security solutions, which are managed by a team of skilled and highly trained cybersecurity professionals. Unfortunately, the same cannot be said for mid-sized organisations, which often make do with unsatisfactory products or a patchwork of point products that provide an ineffective defence. Some don’t have any defences at all.
An “alarming number of small businesses in the UK and US are not prepared for a potential cyber-attack or breach”. A study published in 2020 found that 43 percent of mid-market owners have no cybersecurity defence plan in place, leaving sensitive financial, customer and business data, at “significant” risk. One-third of companies with 50 or fewer employees admitted using free, consumer-grade cybersecurity, whilst one in five companies did not employ endpoint security solutions.
Mid-Market Security Solutions
There is hope for the mid-market yet. Thanks to the advent of extended detection and response (XDR) platforms and other systems which incorporate several different services into one unified solution, the mid-market is now beginning to gain access to enterprise grade security. Gartner described XDR as a “unified security and incident response platform that collects and correlates data from multiple proprietary components”.
It continued: “The platform-level integration occurs at the point of deployment rather than being added in later. This consolidates multiple security products into one and may help provide better overall security outcomes. Organisations should consider using this technology to simplify and streamline security.”
XDR has a clear benefit for mid-size businesses because it is more cost-effective than older solutions whilst offering significant performance benefits. When analysts from ESG asked security professionals about the threat detection and response systems, most said they were using security information and event management (SIEM). However, 57 percent said they have “struggled with issues” when using their SIEM, saying it was too expensive, required specialised resources and often led to an overload of data.
However, when ESG spoke with early adopters of XDR, they said it allowed them to spot a compromise in a shorter space of time due to the greater visibility it offers. The automation XDR provides would require the equivalent of eight full-time staff, ESG found, meaning it works like “a modern SOC-in-a-box”. This should be music to the ears of mid-sized businesses, for whom a fully-fledged Security Operations Centre may be out of reach.
A SOAR Point
It’s not just SIEM that has been found lacking. That other mainstay of security, SOAR (security orchestration, automation, and response), is lacking too. “SIEMs provide visibility, but they lack the orchestration and automation required to decrease response times,” wrote Al Huger, Senior Vice President and General Manager of Cisco’s Security Platform & Response organization for Cisco Secure.
“SOARs provide automation, but correlation is not straightforward and requires a lot of expertise. Neither option provides built-in response functionality. While larger companies can afford to do the lengthy process of calibrating and maintaining these solutions over time, it’s not possible for resource and time-constrained teams.” Which means that these solutions will not give mid-market companies the protection they need. On the other hand, XDR can provide an effective security posture whilst reducing costs and offering an integrated, unified platform that removes complexity.
The elusive dream of XDR is around the corner for the mid-market. The ability to protect the largest attack surface – web and email – by incorporating cloud, web, email, data loss prevention (DLP) and identity protection into one unified solution is here. It also acts autonomously – moving security from reactive to proactive, allowing services to respond to new threats and adapt to changing circumstances.
For the mid-market the “SOC in a box” promise is in reach. It’s Autonomous Extended Detection and Response – aXDR.
Join the mid-market revolution. Sign up to receive our ‘7 things Wrong with Mid-Market Security’ Report: