4 key takeaways from “XDR is the perfect solution for SMEs” webinar
Cyberattacks on large organizations dominate news headlines. So, you may be surprised to learn that small and medium enterprises (SMEs) are actually more frequent targets of cyberattacks. Many SMEs understand this risk firsthand.
In a recent survey, 58% of CISOs of SMEs said that their risk of attack was higher compared to enterprises. Yet, they don’t have the same resources as enterprises – making it nearly impossible to protect their organizations from widespread and increasingly more sophisticated attacks that don’t discriminate based on company size.
What’s their solution? Extended detection and response (XDR).
During a recent webinar, Cynet’s Director of Product Strategy, George Tubin, and guest speaker Senior Analyst at Forrester, Allie Mellen, discussed the most serious cybersecurity challenges for SMEs and how they can benefit from XDR platforms.
Here are the four key takeaways from the conversation.
1. The biggest cybersecurity challenges for SMEs
Why do cybercriminals go after SMEs? Easy targets!
Most SMEs don’t invest in effective threat detection and incident response tools. The result: a weak security infrastructure that increases attack risk. And they can barely afford to put a few boots on the ground, much less dedicate a full-fledged security operations center (SOC) for cybersecurity.
Then there’s the shortage of cybersecurity talent. With just a few individuals charged with protecting the company from a constant barrage of threats, these small teams cannot realistically safeguard their organization around-the-clock.
Plus, since security team members wear many hats, they feel overburdened. This leads to ignoring alerts from security tools – even legitimate ones – once again, leaving the door open to a successful attack. Day-to-day operational activities and manual processes further prevent them from keeping up with new threats and developing a strong threat detection and response strategy.
Finally, SME security professionals frequently struggle to learn, integrate, and maintain the various security tools in the organization, limiting their ability to address threats and keep attackers out.
2. The top strategic priorities for SMEs for 2023
According to Forrester, their recent survey found that improving security operations strategy was the top priority for a majority of SMEs (30%), not only to protect business-critical data, but also to guide the implementation of robust controls to satisfy regulatory requirements around data privacy.
Over 25% of respondents said they want to use security capabilities built-in to their existing tools instead of using third-party technologies. This finding shows that SMEs want to reduce security costs and complexity, as they explore ways to protect against persistent threats coming from multiple sources.
To mitigate these threats, SMEs need simpler and well-integrated cybersecurity tools like XDR.
XDR provides multiple tools that would otherwise be cost prohibitive to acquire and then also provides these tools pre-integrated, which is also challenging for SMEs to achieve. Some XDRs have extensive automation to reduce the manual burden on smaller IT security teams.
3. The differences between open XDR and native XDR
XDR collects security data from various sources to enable automated threat detection, analysis, and remediation. It can provide a comprehensive picture of the attack surface and enables SME security teams to build, and sometimes automate, better incident response workflows.
Open or hybrid XDR integrates third-party security tools to collect telemetry and automatically execute response actions. Since it requires a lot of integrations, SMEs with small security teams may not be able to deploy and use it as easily.
Native XDR, on the other hand, combines security tools and capabilities from a vendor’s portfolio to provide one all-in-one solution that’s easy to deploy and use. You can check out Cynet 360 AutoXDR as an example of one of these tools.
4. Best practices to evaluate XDR solutions before purchase
In the webinar, Allie recommends that all small/medium-sized companies follow some best practices when evaluating XDR offerings for their security requirements.
One important factor is to determine how much support a vendor provides. Vendors focused on providing superior customer support enable SMEs with small security teams to take full advantage of their platform’s telemetry, threat investigations, and automated incident response capabilities.
The SME should also ask about the telemetry data the tool collects. Lots of security data doesn’t always equate to good or useful data. Moreover, too much data can overwhelm SME security teams. That’s why it’s crucial to confirm that the platform collects useful telemetry that will help strengthen their cyber defenses without burdening analysts.