Today, there is a rise in the number of cyber-attacks against small businesses as most of them are not well equipped to alleviate threats. Attackers are always ready to strike at any moment.
On that note, we have Terence Ng, channel director for Asia Pacific Japan, FireEye, highlighting the major threats small businesses face, FireEye’s major strategies and offerings to mitigate the threats, and their channel strategy for 2016.
Small businesses are firmly in the radar of cyber criminals. They are fast becoming their favored target and are woefully unprepared. What are the major cyber threats small businesses are vulnerable to in 2016?
Recently, the cyber security landscape has changed dramatically and evolved substantially. Largely, three kinds of threat actors are the reason behind major breaches. In fact, small and medium sized businesses are the first target for the attackers as they are at the bottom of the supply chain. Website defacements and denial of service attacks are the simplest forms and cyber activists are behind these.
Another group of cyber criminals are financially motivated, and they majorly target banking credentials in order to compromise a company.
Small businesses will face ransomware threats and some amounts of hacktivism depending upon the business they are in. A lot of SMBs do business with large enterprises, so the attackers use them as entry points and move into target organizations.
Also, the small businesses have a small IT budget. The more they digitize the business to increase efficiency, the less they focus on infrastructure. They need to have an affordable and robust security solution.
However, state-sponsored attacks pose the maximum threat to all businesses and governments in 2016. They are most sophisticated and hardest to detect. Last year, we revealed how the cyber espionage campaign by APT30 compromised an Indian aerospace and defense company. Their main target is data pertaining to national security and military intelligence. This Advanced Persistent Threat group (APT) had been targeting a number of governments, businesses and institutions across Southeast Asia since 2005. These advanced attackers target smaller organizations within a supply chain in order to breach the enterprise – or government – at the top of the pyramid.
What are your strategies and offerings this year to protect small businesses from cyber threats?
We are helping India by protecting more organizations and creating better opportunities with the channel. Mid-market expansion and NX segmentation are two of the key strategies for the upcoming year.
As the top-tier organizations improve their defenses, attackers turn their attention to smaller businesses as their traditional targets are now too difficult to breach. Without the help of experienced partners, mid-market organizations don’t stand a chance against advanced attackers that are used to targeting government bodies and some of the world’s largest enterprises.
NX Essentials is designed specifically for the mid-market and small businesses, as it provides high-fidelity detection and low false positives at an affordable price. As an example, we have segmented our flagship NX offering. This helps in opening up greater opportunities for our partners. This also gives our partners more options to offer clients best-in-class threat protection at the right level for their institution.
Which are the best suited ways for CISOs of small businesses to mitigate threats of cyber-attacks?
Limited shared intelligence and shortage of security talent are the main challenges faced by Indian businesses. During most attacks, we have found that threat actors are inside an organization for an average of 146 days before they get detected.
It’s safe to assume an organization had already been breached if they can’t detect an advanced attack. Such an attack might have never been seen before and had been designed specifically for the organization. In such a threat scenario, the firm needs to seal the breach, do a damage assessment, and improve their ability to detect advanced attacks in the future.
We are planning to enable our partners to expand their businesses into the mid-market. This will not only be a boon for them, but will also improve the condition of India’s cyber ecosystem. Extending APT protection to all businesses in the supply chain will ensure improvement in national cyber security. In addition, Indian companies also need to have statutory disclosure requirements for data breaches.
Despite transformational changes in technology, how do cyber attackers manage to stay ahead?
Traditional protection tactics are not enough as the cyber landscape is continuously evolving. The conventional endpoint security solutions are useful against commodity malware, but prove futile against advanced attacks. The modern cyber attackers are getting more advanced and complex. This is because the threat actors of all types continue to improve their techniques to compromise organizations and remain undetected.
Read more to know 5 security resources the CIA’s former tech chief relies on
What is your channel strategy for 2016 in India and how will FireEye help its partners grow? Also, when it comes to penetrating tier 2 and tier 3 cities in India, what are your expectations from Indian partners?
Creating opportunities with the channel will also create enormous opportunities for partners. Small and mid-market businesses may not have the maturity or the budget for high end cyber solutions. That said, we want to recruit more partners in our ecosystem. For instance, we are searching for partners who have a security service offering and managed security services.
In 2016, FireEye will enable its partners to expand their potential in the market and include these mid-market businesses. Our partners are on the front lines of the cyber defense battle, and they are in the early stages of their advanced threat protection programs. This expansion of business into the mid-market segment will also improve the condition of India’s cyber landscape.
What are your key focus areas, verticals, and technologies for this year and the next?
Our key focus area this year would be improvement of the cyber security scenario for the mid-market segment. With advanced threat intelligence and Multi-Vector Virtual Execution (MVX) technology, we aim to provide protection and awareness about sophisticated cyber-attacks. Awareness can be validated by giving examples of the Bangladesh Bank heist, APT attacks, and Pakistani-based SEEDOOR malware threats.