When it comes to smart cybersecurity for small and mid-size businesses (SMBs), reducing the attack surface is critical. In fact, ensuring the attack surface is as small as possible is a basic security measure.
Understanding and managing your attack surface — the number of possible ways an attacker can get into a device or network and extract data — will help reduce exposure to cyber risk.
While many SMBs may think they are too small to be a cybercrime target, a quick look at their attack surface often reveals that there are potential access points in their IT network or other vulnerabilities that can be leveraged to stage a cyber attack or data breach.
The reality is that small businesses continue to face the high probability of cyber attack. Recent data shows 43% of cyberattacks are aimed at small businesses, yet only 14% are prepared to defend themselves. And more often than not, SMBs suffer significant financial impact from an attack. One report estimates that the cost of data breach remediation for companies with less than 500 employees averaged about $2.5 million and this has continued to increase year-over-year. In certain regulated industries, businesses still experience these financial consequences in the second and third year after an attack.
Gaining a better understanding of your IT environment and the elements in your attack surface that represent risk are good steps toward a proactive defense.