// EDITOR’ S QUESTION //

PHISHING IS STILL THE MOST UTILISED ATTACK METHOD AND SMES ARE A FAVOURITE TARGET FOR THREAT ACTORS LOOKING TO GATHER COMPROMISED CREDENTIALS IN ORDER TO LAUNCH IDENTITY ATTACKS.

Zero day vulnerabilities, identity-based threats and supply chain attacks should all be top of mind for cybersecurity practitioners in small businesses.

We are seeing threat actors leverage vulnerabilities against small businessfocused products like firewalls and storage arrays, such as Cisco, Western Digital, Ivanti and Qnap, in order to gain initial access to environments and then execute their mission, which is often ransomware.

Solution 1: SMEs need to adopt an effective Vulnerability Management Programme that includes monitoring and patching of vulnerabilities. While this suggestion costs no money, it is one of the harder defensive measures to implement because it requires time and expertise, but it is incredibly important.

Phishing is still the most utilised attack method and SMEs are a favourite target for threat actors looking to gather compromised credentials in order to launch identity attacks. These compromised credentials are then used to gain initial access to environments or to launch more identity-based attacks.

Solution 2: SMEs should have multi-factor authentication( MFA) implemented across ALL environments and applications. Additionally, cybersecurity practitioners should be monitoring both successful and unsuccessful authentication attempts to monitor anomalous user behaviour and other suspicious activity.

The most devastating attacks are proving to be based on supply chain risks that are leveraged by threat actors to scale attacks to target an extremely large victim pool, most often including mostly small businesses. These compromised small businesses are then leveraged again to pivot into their customers, which are often large, global organisations.

Solution 3: Small businesses need to increase visibility into their third-party and fourthparty vendors and document their criticality to their own operations as well as to their customers’ operations. This process must occur continuously and SMEs should consider their responses when / if a supply chain attack proves successful.

Small businesses face increasing cyberthreats, but proactive security measures can significantly reduce risk. By prioritising vulnerability management, MFA and supply chain visibility, SMEs can defend against ransomware, identity-based attacks and supply chain compromises without major costs. Attackers seek the easiest targets – by patching vulnerabilities, securing identities and monitoring third-party risks, SMEs can strengthen defences and stay ahead of evolving threats.

22 Intelligent SME. tech