Small and medium-sized enterprises are increasingly facing cyber threats as they adopt hybrid working or e-commerce.
Increased security concerns in the face of the evolving SME landscape
Microsoft conducted a survey of more than 150 small and medium-sized businesses in the United States in April 2022 to better understand the evolving security needs of SMBs. More than 70% of SMBs reported that cyber threats are becoming a greater business risk. With nearly one in four SMBs reporting having experienced a security breach in the past year, they have reason to be concerned. In fact, ransomware attacks have increased by more than 300%, with more than half targeting small businesses.
Although they face the same risks as large enterprises, SMEs often lack access to appropriate resources and tools. Many SMEs still rely on traditional antivirus solutions to ensure their security. While 80% of SMEs report having an antivirus solution in some form, 93% of them continue to worry about the increase and evolution of cyberattacks — with phishing, ransomware, and data protection being the top priorities.
What makes SMEs particularly vulnerable is that they often have fewer resources and lack specialized security personnel. In fact, fewer than half of the SMEs surveyed have an in-house IT security manager, and SMEs cite the lack of specialized security personnel as their primary security risk factor. Sophisticated enterprise security solutions are often prohibitively complex or too expensive, or both.
Security for all in the service of SME protection
At Microsoft Ignite, we shared our vision of security for all, believing that small and medium-sized businesses should have affordable access to the same level of protection as large enterprises. Today, we are pleased to take this vision further with the general availability of the standalone version of Microsoft Defender for Business. Defender for Business brings enterprise-grade endpoint security to SMBs, including endpoint detection and response (EDR) capabilities, with the ease of use and pricing that small business customers and their partners expect.
Microsoft Defender for Business is already included in Microsoft 365 Business Premium, our comprehensive security and productivity solution for businesses with up to 300 employees. Customers can now purchase Defender for Business as a standalone solution. Server support will be available later in the year as a complementary solution.
Enterprise-grade security to protect against ransomware and other cyber threats.
To protect against the growing volume and sophistication of cyberattacks such as ransomware, SMBs need enhanced security. Many SMBs still rely on traditional antivirus, which provides only a single layer of protection by comparing against signatures to guard against known threats. With Defender for Business, you benefit from multilayer protection, detection and response, covering the five phases of the National Institute of Standards and Technology (NIST) cybersecurity framework - identify, protect, detect, respond and recover - to protect against and remediate known and unknown threats. Let us examine these capabilities in detail:
Identify
Threat and vulnerability management helps you prioritize and focus on the weaknesses that represent the most urgent and highest risk to your business. By discovering, prioritizing, and remediating software vulnerabilities and misconfigurations, you can proactively build a secure foundation for your environment.
Protect
Attack surface reduction options help minimize your attack surface (such as the places where your organization is vulnerable to cyberattacks through your devices and applications), leaving threat actors with fewer means to carry out attacks.
Next-generation protection enables you to prevent and protect against threats at your doorstep through antimalware and antivirus protection on your devices and in the cloud.
Detection and response
Endpoint detection and response provides behavior-based detection and response alerts so that you can identify persistent threats and remove them from your environment.
Recover
Automated investigation and remediation allow you to advance your security operations by examining alerts and taking immediate action to resolve attacks on your behalf. By reducing the volume of alerts and remediating threats, Defender for Business enables you to prioritise tasks and focus on more sophisticated threats.
Designed for SMEs, easy to use and cost-effective.
We designed Defender for Business with the needs of SMEs in mind. Since IT administrators at SME customers and partners often need to juggle multiple roles at once, we wanted to offer an easy-to-configure solution capable of automatically detecting and remediating threats, so you can focus on running your business. Defender for Business comes with built-in policies that allow you to get up and running quickly. We have also included a simplified onboarding wizard for Windows devices. Additional simplification for macOS, Android, and iOS is planned.
Through automated investigation and remediation, we carry out the same type of work as a dedicated security operations (SecOps) team by continuously detecting and automatically remediating most threats.
For more information, contact ST Digital, Microsoft Gold Partner.