Q&A: Incident Response Planning for SMBs

Q&A: Incident Response Planning for SMBs

Small and mid-sized companies are confronting the same information security exposures as large organizations, with smaller budgets and, often, less focus on locking down their business data. Cybercriminals recognize the opportunity, not just to breach small companies, but also to use smaller companies as a foothold to penetrate networks of the big corporations they do business with. asked Raj Dodhiawala, general manager at ManTech Cyber Solutions International, to frame the challenges small and mid-sized companies are grappling with.

Q: You’re advising companies to ‘be prepared to be attacked.’ Why so?
A: The idea is that no matter how much technology you throw at the problem, it’s not going to work. It’s not working for the larger organizations and the same vulnerabilities are in small and midsized businesses. Part of being prepared is not just about technology, but it’s about people and processes. So you need to train and educate your people and have processes so that you can respond quickly to any kind of an incident.

Q: Why are cyber criminals are paying full attention to smaller companies?
A: In today’s connected world, the small guys play an important role in the overall economy. They are the suppliers to the larger companies and so they have access to the keys to the core data that the bad guys are after. In the end, there is nobody really spared, as long as you have access to digital assets or you possess digital assets, you’re going to be the target of an attack.

Q: How prepared are small businesses, generally speaking?
A: C-level folks even at small and midsized companies are becoming more aware of protecting their assets. Right not we’re seeing increased spending in security, either they will buy technology or they will engage with a Managed Security Service Provider to help them bolster their security posture. That’s a positive trend.

Q: What are some simple, effective steps companies can take?
A: From an incident response perspective, you need to know where your assets are, and how they could potentially be breached. An incident response plan can tell you what type of action you need to take and who you need to notify. Having the right processes set up is vital. You certainly need help from the technology as well. Make sure you create better detection and protection technologies coupled with processes so that you can take action.

Q: Are there any side benefits to improving a company’s security posture?
A: Absolutely. When you do business in this connected economy, you’re going to be asked the question, ‘How secure are you?’ We have customers who are small suppliers to the movie making business. They get constantly audited because they’re protecting raw footage, information that is currently done through collaboration with a lot of small entities. So as a supplier, if you’re deemed not secure, you don’t get the opportunity to work.

This article originally posted on