Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity Leadership and ManagementSecurity & Business ResilienceCybersecurity News

Cybersecurity: A View From the Middle

By Gilbert Morales
cyber network
November 7, 2019

Cybersecurity can be a scary beast for any organization of any size. The stakes are high. The adversaries are sly. The landscape is always shifting.

These challenges can be especially significant for small and medium-sized businesses that have limited resources in capital and specialized expertise.

Moreover, there is really no right or wrong way to go. It all depends on the nature of the company, the data it needs to protect, how long it can tolerate a breach, and the optimum mix of defensive tactics that make the most sense from a business perspective.

Confidential Data

Beyond simple cost calculations for recovery is the intangible value of lost data. Small and mid-sized businesses (SMBs) are also entrusted with employee information, financial data, customer records and so on. A major risk is the company’s reputation. Often, SMBs deal with a broad client base that includes entities like banks, schools and government agencies.

The biggest threat SMBs seem to currently face is ransomware. It’s of particular concern since it appears to be migrating from large corporate targets to smaller organizations that, of course, also have data that is critical to their operations.

Tap Peers and Outside Resources

SMBs typically don’t have dedicated cybersecurity experts per se in-house. But they might be blessed with a highly capable IT staff that is able to monitor, manage and implement protective measures while advising top management on trends and potential solutions.

That said, they should make sure to take advantage of relationships with others both inside and outside their business segment. Based on a common need, it’s an open community that shares information between IT teams and other staff to learn from each other’s experiences.

Cover the Basics

SMBs primary focus should be on the fundamentals of prevention. For example, the fundamentals include implementing the next generation of antiviruses that are now using artificial intelIigence (AI) and machine learning (ML) to monitor systems, provide alerts when devices are compromised and take appropriate action. The appropriate firewalls should also be maintained. 

But that’s just the beginning. Another given is a backup solution. It’s a key consideration for SMBs, not just large corporations. Unfortunately, we’ve seen our peers being compromised without a robust backup process in place. At the end of the day (or the incident), it’s the backup system that underpins the ability to restore lost or compromised data.

In the old days, a single backup was done to tape with the tapes stored at an off-site storage facility. Then backups moved to internal servers plus tapes at a DR site to create a double backup for an extra layer of protection. The next step is moving from a DR site to the cloud.

It’s also critical to have an effective barrier between infrastructure and backup solution. We have seen this happen with other companies where ransomware started in the primary infrastructure and was able to corrupt the backed up data as well.

A key consideration for backup is frequency. How long can you “afford” to be down? What is the cost to your company if you're down for a day, a week or a month? What will it cost to recreate the lost data?

However, SMBs should believe in hourly backups and may be paying a bit more for the backup solution, storage, processing, etc. But they’ll recoup that expense in time saved, as well as data integrity.

Best Practices

There are three levels in an effective cybersecurity program:

  1. One is local machines like laptops where people are clicking on external websites and receiving email. Do they have antivirus installed? Is that antivirus up-to-date? Is it next-gen antivirus? Is it the same for all devices?
  2. The second is training. Your people are the first and last line of defense. For example, SMBs might deal with a lot of junk email and phishing email cloaked as legitimate companies or individuals. Also, it’s essential to practice and test the implemented cybersecurity processes on a regular basis.
  3. The third is infrastructure. Are there locks on server rooms, and who has access? What is the password policy? Is multi-factor authentication required? How is access to cloud services being managed?

Innovations in Cybersecurity

Cutting-edge technologies are helping to combat these kinds of threats. Holistic cybersecurity offerings include antivirus, firewalls, authentication, monitoring and recovery. Also included may be a one-time analysis of the entire infrastructure to identify weak points.

Through ML and AI, tools are available to track access attempts from outside locations anywhere around the world or from disbursed locations in a timeframe that would be physically impossible. That information can enable a quick change of password, a decommissioning of the account and/or scan of the device.

These services can often be layered so that SMBs can build a security protocol protection in phases to manage the cost over time.

Making the Investment

Cybersecurity is like an insurance policy. It may not come cheap, but it’s there for a reason to help you protect yourself. And it’s probably cheaper than the cost of lost data, recovery expense and potential hit to the company’s reputation.

If you do make the investment, make sure you create formal cybersecurity protocols, policies and documentation. This should also include a disaster recovery plan in writing that is shared throughout the company.

With the right knowledge and commitment, hopefully you won’t lose sleep at night as the IT leader…at least not too much.

This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.

KEYWORDS: artificial intelligence (AI) cyber security machine learning Small to Medium Business (SMB) security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Gilbert morales
Gilbert Morales is the Director of Information Systems at Tangram.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Half closed laptop

Sudo Vulnerability Discovered, May Exposes Linux Systems

Person holding cellphone

Millions of Android, iPhone Users Could Be Sending Data to China

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Cybersecurity and Geopolitical Podcast Episode 10 Russia Ukraine

    Learning from the past: Russia, Ukraine & the Middle East

    See More
  • $2.8 Million Order from the Middle East for Multiple ZBVs

    See More
  • 5_minutes_with_Caponera_1021_900px.jpg

    5 minutes with Jerry Caponera - Developing a risk-oriented view into cybersecurity

    See More

Related Products

See More Products
  • Whitepaper-Social-Media-3.gif

    Optimizing Social Media from a B2B Perspective

  • Physical-Security-and-Safet.gif

    Physical Security and Safety: A Field Guide for the Practitioner

  • 9780367221942.jpg

    From Visual Surveillance to Internet of Things: Technology and Applications

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!