Sergey Nivens - Fotolia

Insufficient SMB security among major issues highlighted by reports

Channel partners weigh in on the state of the security landscape, which recent reports have revealed is troubled by deficient security plans and practices.

Over the past week, three vendors released security reports that together paint an unsettling picture of the security landscape, giving partners food for thought when thinking about building out their security practices, including those for SMB security.

While the three reports -- Dell Security Annual Threat Report, Symantec Internet Security Threat Report 2015 and Verizon Data Breach Investigations Report -- looked at security vulnerabilities, data breaches, malicious code and cyberattacks, the Verizon report also delved into the cost to recover from a data breach. The reports follow the publication of CompTIA's Trends in Information Security study, which found that nearly three-quarters of U.S.-based firms now place a higher priority on security and more than 50% of partners expect IT security revenue to increase.

While it's clear that security attacks show ongoing inventiveness and cunning, one of the more disturbing conclusions from the new reports is that many security breaches could have been avoided had companies been more diligent about their security plans.

For example, Dell observed that businesses overlooked some basic threat points: outdated or unpatched software, under-restricted contractor access to networks, under-secured network access for mobile or distributed workers and under-regulated Internet access. Verizon reported that many cybercriminals still rely on decades-old techniques such as phishing and hacking and that many existing vulnerabilities remain open.

More SMB security attacks

In addition, the Symantec report pointed out that 60% of all targeted attacks struck small and medium-sized businesses (SMB), many of which haven't invested in security or adopted security practices.

"We're seeing more attacks happen in the SMB space at a quicker rate than ever before because … hackers see SMBs as softer targets and they're getting a little more crafty about how they attack them," said Michael Gray, director of network operations at Thrive Networks, an IT services partner based in Tewksbury, Mass.

Not only is Gray's firm having more discussions about security with SMB customers, but he's observed that more SMBs are making security a priority -- a 180-degree turn from five years ago.

"They're reaching out to us, unsolicited, and are asking for more security," he said, adding that it's been great for Thrive's business.

We're seeing more attacks happen in the SMB space at a quicker rate than ever before because ... hackers see SMBs as softer targets.
Michael Graydirector of network operations, Thrive Networks

A Dell SonicWall partner, Gray noted that 90% to 95% of the company's recurring customers have a Dell SonicWall next-generation firewall with all of the security services turned on. "So when a zero-day attack hits, these customers have immediate protection because we're leveraging cloud-based signatures from SonicWall," he said.

Security tools are no longer just for enterprise-size businesses. "Now I think we're going through the next evolution where intrusion prevention systems and intrusion detection systems are becoming just as commonplace as firewalls," he said.

Mark Marro, product champion at Continental Resources (ConRes), a 50-year-old IT solution provider located in Bedford, Mass., said that not all customers put as high a priority on security as they do on other IT projects given limited resources. ConRes is a Symantec Platinum partner, which focuses primarily on Symantec's Veritas business for information management and infrastructure and less so on security. However, the channel partner also sells Dell SecureWorks services to customers and aligns with security vendors such as Check Point, Palo Alto Networks and RSA.

Both Gray and Marro noted that customers are also challenged by the Payment Card Industry (PCI) Security Standards Council standards. In fact, according to Verizon's  2015 PCI Compliance Report, less than one-third of companies maintained full compliance within a year of validation and no more than 74% had sustained compliance with any individual requirement. A key finding in the Dell security report noted a surge in point-of-sale malware and attacks.

Partners bolster security services

Thrive, which was sold in September 2014 to MetTel, a communication solutions provider, will have a stronger managed services offering to address PCI compliance for customers, according to Gray. "We think that we're going to add a lot of power by linking up with MetTel's PCI solutions and our security solutions to give customers a full bundle," he said.

At ConRes, Marro has seen outsourcing of PCI managed services grow in popularity as customers lack resources to manage PCI compliancy themselves. He pointed to Dell SecureWorks network security technology to address industry compliance regulations, including PCI.

Today, ConRes works with other IT partners when needed for additional security expertise. Looking forward, however, the IT solution company sees the writing on the wall for security services, and Marro noted that ConRes' professional services team is in discussions about what its security practice should look like in the next quarter and years out.

Next Steps

Learn how MSSPs benefit from transparency

Tips for protecting your SMB customers against sophisticated cyberattacks

Read about new social engineering techniques

Dig Deeper on Managed network security services