Introduction

Cyberattacks around the world continue to escalate in both frequency and severity, exacerbated by current global events. Ransomware in particular is an ever-growing threat, with the FBI's Internet Crime Complaint Center reporting a 62% year-over-year increase in 2021.[1] Increasingly the targets are SMBs, which absorb 43% of all cyberattacks, yet only 14% are sufficiently prepared to defend themselves, according to Accenture. A single incident, whether a data breach, malware, ransomware, or DDoS attack, costs companies an average of $200,000, and many of the targeted organizations go out of business within six months.[2]

The statistics are overwhelming, and as insurance providers increasingly enforce strict baseline requirements as a condition of coverage, it is more important than ever for businesses of every shape, size, and industry to be proactive about cybersecurity. The alternative is the high cost of being reactive, an approach that cripples businesses both financially and reputationally. As with maintaining a car, preventive security work is essential to the long-term safety and sustainability of your digital assets, while reactive measures, meaning damage control after your business has already been hit, are far more expensive. Even some enterprise companies that can absorb the financial burden suffer long-term, sometimes irrecoverable, reputational damage.

Since the pandemic, companies around the world have initiated or accelerated transitions to remote or hybrid workforces, leaving end users more exposed to exploitation outside the office network. Cryptocurrency has made ransom payments harder to trace than ever, providing an economic infrastructure for the cybercrime industry. The offensive techniques employed by bad actors are, in most cases, outpacing the defensive measures many SMBs have in place. This is particularly relevant in the case of the war in Ukraine, which has catalyzed a sharp rise in ransomware attacks originating from Russia; even before the invasion, the BBC reported that 74% of all ransomware revenue could be linked to Russia-linked hackers. Establishing baseline security practices is no longer optional; it is a fundamental requirement for any modern business.

The average cost of a cyber incident for businesses with 50 to 249 employees is $184,000. Fortunately, the insurance premium for small companies of 100 employees rarely exceeds $25,000 per year for a $1,000,000 policy. Both of these figures increase with the size of the company — a company with between 250 and 999 employees, for example, faces an average cost of $715,000 for an attack. The math is clear: cyber insurance is no longer a secondary consideration but a baseline requirement to protect the stability and digital security of a business's assets.

Events of the last few years have catalyzed a dramatic shift in the cyber insurance landscape, which now imposes strict prerequisites on any business seeking cyber liability coverage. This minimum level of due diligence nearly always comes down to three basic requirements. First, Multi-Factor Authentication (2FA/MFA), which all providers demand on administrative and remote-access accounts at the very least, and increasingly on every company login. Second, Extended Detection and Response (XDR), a defensive tool that collects and correlates telemetry from endpoint devices (and, for XDR proper, from network, cloud, and identity sources as well) and is usually bundled with prevention software such as antivirus/anti-malware. Third, external vulnerability scans, which confirm that the company's internet-facing systems are not exposing known vulnerabilities or unnecessary services; keep in mind that attackers run these same scans to decide whether your business is an easy or valuable target, so the goal is to find and fix what they would find first. Many insurers now also ask about tested offline backups, patch management, and email filtering, so treat the three requirements above as the floor rather than the ceiling.

Understanding the threats these requirements defend against is equally critical. Email remains the largest threat vector and attack surface for every business, regardless of size or industry: from phishing and spoofing to credential theft and identity theft, attackers keep refining their methods. Data breaches are among the most common and headline-grabbing cybercrimes, often resulting from weak frontline defenses such as inadequate web security or outdated anti-malware software. Social phishing on platforms like Instagram and LinkedIn is increasingly targeted, because individuals and organizations often have their guard down on those channels. Finally, ransomware, an umbrella term for malware that blocks access to data or threatens to publish it unless a ransom is paid, typically enters through unprotected email, weak access controls, unpatched or unprotected systems, untrained staff, or a lack of security policies. Paying is strongly discouraged: the FBI advises against it, and the U.S. Treasury's Office of Foreign Assets Control (OFAC) has warned that payments to sanctioned actors can themselves violate sanctions law. Modern ransomware crews therefore steal data before encrypting it (so-called double extortion) and publish it when the victim refuses to pay, causing reputational and financial losses on top of the outage.

The 8 Cybersecurity Pillars Every Business Needs: Foundation and Infrastructure

Building a resilient cybersecurity posture starts with foundational infrastructure controls. Pillar 1: Network Segmentation divides a larger network into smaller, isolated subnetworks (zones), each of which can be given its own security controls, monitoring, and support services. Macro-segmentation separates the network into broad zones such as user workstations, servers, guest Wi-Fi, and management, typically with VLANs and firewall rules between them, while micro-segmentation applies policy at the level of individual workloads or hosts, so that even two servers in the same zone can only talk to each other on the specific ports their applications need. Both forms greatly increase security: a flat network is only as strong as its weakest host, whereas segmentation with a default-deny policy between zones reduces the attack surface, contains a compromise to the zone where it started, and limits an attacker's lateral movement.
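The following is an added example, not part of the original article and not Derive Technologies tooling, that models the two layers in Python: a zone table with a default-deny rule set between zones for macro-segmentation, and a per-workload allow list for micro-segmentation. The zone addresses, the rule table, and the host list are all constructed for illustration; the `reachable_pairs` report shows exactly which connections a compromised host could still make.

```python
"""Zone-based segmentation policy check (added example; constructed addresses and rules)."""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Macro-segmentation: every host belongs to exactly one zone (a subnet).
ZONES = {
    "users":   ipaddress.ip_network("10.10.0.0/16"),
    "servers": ipaddress.ip_network("10.20.0.0/24"),
    "guest":   ipaddress.ip_network("192.168.50.0/24"),
    "mgmt":    ipaddress.ip_network("10.99.0.0/24"),
}


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    port: Optional[int]   # None matches any port
    action: str           # "allow" or "deny"


# Zone-to-zone rule table, evaluated first match wins; anything unmatched is denied.
MACRO_RULES: List[Rule] = [
    Rule("users", "servers", 443, "allow"),   # staff reach the web app over HTTPS
    Rule("mgmt", "servers", 22, "allow"),     # admins manage servers over SSH
    Rule("mgmt", "users", 3389, "allow"),     # helpdesk RDP into workstations
    # no rule lets guest reach anything, or servers initiate connections to users
]

# Micro-segmentation: inside a zone, a workload may only talk to the peers listed here.
MICRO_ALLOW: Dict[str, Set[Tuple[str, int]]] = {
    "10.20.0.10": {("10.20.0.20", 5432)},     # web app -> database only
}


def zone_of(ip: str) -> Optional[str]:
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return None   # unknown address: treated as untrusted


def macro_allows(src: str, dst: str, port: int) -> bool:
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone is None or dst_zone is None:
        return False
    for rule in MACRO_RULES:
        if rule.src_zone == src_zone and rule.dst_zone == dst_zone and rule.port in (None, port):
            return rule.action == "allow"
    return False   # default deny


def is_allowed(src: str, dst: str, port: int) -> bool:
    """Same-zone (east-west) traffic is governed by the per-workload allow list,
    cross-zone traffic by the zone rule table."""
    src_zone = zone_of(src)
    if src_zone is not None and src_zone == zone_of(dst):
        return (dst, port) in MICRO_ALLOW.get(src, set())
    return macro_allows(src, dst, port)


def reachable_pairs(hosts: List[str], ports: List[int]) -> List[Tuple[str, str, int]]:
    """Every (src, dst, port) the policy permits: the lateral-movement options an
    attacker would have from each host if it were compromised."""
    return sorted((s, d, p) for s in hosts for d in hosts for p in ports
                  if s != d and is_allowed(s, d, p))


if __name__ == "__main__":
    hosts = ["10.10.5.5", "192.168.50.7", "10.20.0.10", "10.20.0.20", "10.99.0.2"]
    for src, dst, port in reachable_pairs(hosts, [22, 443, 3389, 5432]):
        print(f"{src} ({zone_of(src)}) -> {dst} ({zone_of(dst)}):{port}")
```

Run against the constructed hosts, the report lists six permitted paths and none from the guest network; a real firewall or host-based policy should be reviewed the same way, by enumerating what is reachable rather than reading rules one at a time.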

Pillar 2: Next-Generation Firewall (NGFW) combines a traditional stateful firewall with application-layer controls: URL and website filtering, TLS and traffic inspection, integration with an identity provider so that rules can be written per user or group, and application awareness backed by an Intrusion Prevention System (IPS) and Deep Packet Inspection (DPI). Rather than looking only at ports and protocols, an NGFW identifies the application inside the traffic and matches it against signatures of known exploits and malware. NGFWs can be deployed as hardware appliances or as virtual/software instances, detect and block attacks at the application layer as well as the port and protocol levels, and give administrators finer-grained, identity-based control over which applications each user may reach. One caveat: an NGFW can only inspect what it can see, so encrypted traffic it does not decrypt and traffic that never crosses it (for example, east-west traffic inside a flat network) is not protected by it.

Pillar 3: Extended Detection and Response (XDR) has never been more important in a work-from-home world. XDR is the next generation of endpoint detection and response (EDR), correlating telemetry from endpoints, networks, cloud-hosted environments, identity systems, and applications to provide extended visibility, analysis, and response capabilities. This gives IT administrators deep insight into managed endpoints and greater control over what those endpoints can access. In practice it means defenses tuned to the organization's actual threat vectors, the ability to identify attacks in near real time, and protection before, during, and after an attack; multi-layered approaches, such as web security filtering alongside endpoint security agents, further improve endpoint defensibility. Pillar 4: Backups round out the foundation; sometimes the most obvious safety measures are the easiest to neglect. The best advice is to assume your business will be breached and make sure you have a recovery plan that has actually been tested. The enhanced 3-2-1-1-0 backup rule calls for three copies of critical data, on two different storage media, with one copy offsite, one copy offline or air-gapped (or immutable, so that ransomware running with stolen admin credentials cannot encrypt or delete it), and zero errors when backups are verified and restores are tested.
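As an added example, not taken from the article, the Python script below audits a set of backup copies against the 3-2-1-1-0 rule: it counts copies, distinct media types, offsite and offline copies, and enforces the "0" by checking every copy against a SHA-256 manifest of the primary data. The `Copy` record, the directory layout, and the sample files are all constructed for the demo; in a real environment the manifest would be taken at backup time and the copies read back from their actual storage.

```python
"""3-2-1-1-0 backup audit (added example; constructed data, not the article's code)."""
import hashlib
import os
import shutil
import tempfile
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Copy:
    name: str
    media: str       # e.g. "production-disk", "object-storage", "tape"
    offsite: bool
    offline: bool    # air-gapped or immutable: not writable from the production network
    root: str        # directory holding this copy's files


def manifest(root: str) -> Dict[str, str]:
    """SHA-256 of every file under root, keyed by path relative to root."""
    digests = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digests[os.path.relpath(full, root)] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def verify_copy(copy: Copy, expected: Dict[str, str]) -> List[str]:
    """Compare a copy with the primary manifest; returns a list of errors (empty = clean)."""
    actual = manifest(copy.root)
    errors = []
    for rel, digest in expected.items():
        if rel not in actual:
            errors.append(f"{copy.name}: missing {rel}")
        elif actual[rel] != digest:
            errors.append(f"{copy.name}: checksum mismatch {rel}")
    for rel in sorted(actual.keys() - expected.keys()):
        errors.append(f"{copy.name}: unexpected file {rel}")
    return errors


def audit_3_2_1_1_0(copies: List[Copy]) -> List[str]:
    """Return policy violations for a set of copies; copies[0] must be the primary data."""
    primary, backups = copies[0], copies[1:]
    expected = manifest(primary.root)
    findings = []
    if len(copies) < 3:
        findings.append("3: fewer than three copies of the data")
    if len({c.media for c in copies}) < 2:
        findings.append("2: all copies sit on the same kind of storage")
    if not any(c.offsite for c in backups):
        findings.append("1: no copy is stored offsite")
    if not any(c.offline for c in backups):
        findings.append("1: no copy is offline, air-gapped or immutable")
    errors = [e for c in backups for e in verify_copy(c, expected)]
    if errors:
        findings.append("0: verification errors: " + "; ".join(errors))
    return findings


def build_demo(corrupt_offsite: bool = False) -> List[Copy]:
    """Constructed scenario: a small primary tree and two backup copies in a temp dir."""
    base = tempfile.mkdtemp(prefix="backup-demo-")
    src = os.path.join(base, "source")
    os.makedirs(os.path.join(src, "db"))
    with open(os.path.join(src, "db", "customers.sql"), "w") as fh:
        fh.write("INSERT INTO customers VALUES (1, 'example');\n")
    with open(os.path.join(src, "config.yaml"), "w") as fh:
        fh.write("retention_days: 90\n")
    offsite = shutil.copytree(src, os.path.join(base, "offsite-copy"))
    tape = shutil.copytree(src, os.path.join(base, "tape-copy"))
    if corrupt_offsite:
        # simulate silent corruption (or ransomware) touching the offsite copy
        with open(os.path.join(offsite, "db", "customers.sql"), "a") as fh:
            fh.write("-- tampered\n")
    return [
        Copy("primary", "production-disk", offsite=False, offline=False, root=src),
        Copy("offsite", "object-storage", offsite=True, offline=False, root=offsite),
        Copy("tape", "tape", offsite=False, offline=True, root=tape),
    ]


if __name__ == "__main__":
    for scenario in ("clean", "tampered"):
        copies = build_demo(corrupt_offsite=(scenario == "tampered"))
        print(scenario, audit_3_2_1_1_0(copies) or ["policy satisfied"])
```

The clean scenario passes every rule; the tampered one fails only on the "0", which is the point of the last digit: a copy that exists but does not restore byte-for-byte is not a backup.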

Baseline Security Practices for the Modern SMB

Pillar 5: Security Risk Assessment (SRA) serves to identify chinks in your business's cybersecurity armor so that you can shore up defenses before bad actors exploit them. Where a vulnerability scan lists technical weaknesses, an SRA identifies and assesses risks to the business and selects the security controls to address them. The first step is to inventory your organization's information assets and identify the risks to critical infrastructure and sensitive data. Once identified, rank each risk by the severity of the weakness and the likelihood of its exploitation, develop a prioritized remediation roadmap, and act on the highest-ranked items immediately. SRAs should be repeated on a fixed cadence, at least annually and whenever a major change (a new system, a cloud migration, an acquisition) alters the risk picture, with vulnerability scans run far more often in between, so that your business stays defensible against evolving threats.

Pillar 6: Multi-Factor Authentication (MFA) addresses the most commonly targeted and routinely exploited threat: business email compromise. MFA, an authentication system that requires a combination of verification factors beyond a single password, is reported by Microsoft to block over 99% of automated account-compromise attacks. Single-factor authentication is simply too easy to exploit by today's standards. MFA forces users to present two or more pieces of evidence, drawn from knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is), and it is relatively easy to roll out across an entire organization. It is not impenetrable: SMS and one-time-password codes can be phished through adversary-in-the-middle proxies or worn down by push-notification fatigue, so phishing-resistant methods such as FIDO2 security keys or passkeys should be preferred for administrators and high-value accounts. MFA can also be combined with Conditional Access policies, stronger email security controls, and Virtual Private Networks (VPNs) to stop a large share of credential-based attacks.

Pillar 7: NIST Cybersecurity Framework (CSF) provides a set of guidelines and written policies for data governance, risk assessment protocols, and procedures that mitigate organizational cybersecurity risks. Published by the National Institute of Standards and Technology, this widely adopted framework organizes security activities into core functions: Identify, Protect, Detect, Respond, and Recover, with Govern added as a sixth function in CSF 2.0 (2024). Adoption is voluntary, but adhering to its guidelines sets your business well above other "low-hanging fruit" targets. Finally, Pillar 8: Cyber Hygiene is arguably the most critical cultural pillar: regular cybersecurity training and continuing education company-wide, for stakeholders and staff alike, backed by basics such as prompt patching, unique passwords kept in a password manager, and least-privilege access. Accountability is the linchpin, and if your business is large enough, dedicated security personnel are instrumental in enforcing these practices and ensuring adoption by everyone. Stay informed, keep your employees educated, and keep the long-term viability of your business as well protected as possible.

The Takeaway for IT Buyers

The cybersecurity landscape is evolving at a pace that demands immediate, deliberate action from every business — particularly SMBs that are disproportionately targeted and often underprepared. As we've outlined, the threats are real, the stakes are high, and the consequences of inaction can be devastating. From the escalating sophistication of ransomware attacks linked to geopolitical conflicts to the ever-present dangers of email compromise and data breaches, no organization is immune. The alarming statistics make it clear that proactive investment in cybersecurity is not just advisable — it is essential for survival.

The eight cybersecurity pillars discussed, network segmentation, next-generation firewalls, extended detection and response, robust backups, security risk assessments, multi-factor authentication, NIST CSF alignment, and cyber hygiene, form a comprehensive defensive framework that dramatically reduces your organization's exposure to risk. These measures not only satisfy the increasingly strict prerequisites set by cyber insurance providers but also establish the resilient digital foundation necessary to operate with confidence in today's threat environment. Each pillar reinforces the others, creating a layered security posture that deters attackers and enables your teams to detect, respond to, and recover from incidents swiftly.

At Derive Technologies, we understand the complexity of building and maintaining a world-class cybersecurity strategy. With decades of experience serving healthcare, financial services, government, education, and commercial SMB clients, our team is uniquely equipped to help you assess your current posture, identify gaps, and implement the solutions that best protect your business. Don't wait for a breach to take action. Reach out to Derive Technologies to learn more about how we can protect you from the threats of today and tomorrow — BOOK A FREE CONSULTATION and take the first step toward a more secure future.