Akamai Diversity

The Akamai Blog

Security as a Service for SMBs: How ISPs can Fill a Rapidly Growing Need

With cyberattacks affecting SMBs at an alarming rate, business owners are challenged with putting strong enough security in place to protect them from the average $20,000 price tag per incident. Ransomware, in particular, has hit the SMB sector hard. As stated in a recent study by Arctic Wolf Networks, last year saw a 433% increase in ransomware attacks against SMBs1 - a number that is expected to grow.

The reasons that SMBs see such a large number of attacks and infections are many. For one, SMBs typically don't have in-house security expertise to make sure devices and users are adequately protected. Also, they have cost constraints which prevent them from using enterprise-class solutions. Additionally, they often have outdated systems in place which have security holes that cybercriminals know how to take advantage of - and they do. In fact, many believe that SMBs are used as a testbed for black hat hackers to launch larger attacks in the future (read more about this in our latest Spring 2017 Data Science Security Report).

There are plenty of security software vendors that offer solutions, however, these products are either limited in effectiveness, are too complex for an SMB user, or are priced out of reach. For example, endpoint security solutions like anti-virus software no longer offer adequate protection as they simply haven't kept up with today's emerging cyberthreats. Additionally, they only secure the particular device on which they're installed, so multiple licenses need to be purchased to protect multiple devices, which amounts to a lot of maintenance and software upgrades that can be overly burdensome for an SMB with limited IT staff.

There are also cloud-based security solutions that are designed to protect all of an organization's users and devices, yet they strip away network visibility and control from the company's internet service provider (ISP), which means the ISP loses sight of its customer. This is great for the cloud security provider but bad for the ISP--and potentially bad for the SMB. While security vendors may state that offloading network security management to them takes pressure off the ISP and gives them less to worry about, the opposite is true. If another provider takes control of securing devices and activities on the network, the network is vulnerable to latency, outages and other issues that may arise from that vendor's cloud infrastructure.

A New Approach to Security as a Service Keeps Cybersecurity in the 'Carrier Cloud'
In my view, a better approach is for service providers to offer their own cloud-based security service, which allows them to maintain network and customer visibility while offering a value-added service for which their SMB customers are typically willing to pay. By utilizing DNS, which is leveraged in more than 90% of cyberattacks2, ISPs can gain valuable insights into the attacks that are attempting to slow or take down their networks, as well as discover any infected devices so they can notify subscribers and help them take steps toward remediation. A DNS-based security solution keeps security in the network and in the carrier cloud - rather than a third-party provider's - which offers the best line of defense, particularly for SMB customers. Because it's a network-based solution, all devices connected to the ISP's network are automatically protected, and updates to the software to ensure the latest threats are blocked and mitigated are automatic, so there is no need for management on the part of the SMB. And by leveraging an existing asset in the carrier's network infrastructure - DNS - the service can be offered at a price that is within an SMB's budget.

Our managed services partner CIRA (Canadian Internet Registry Authority) is seeing high demand for its D-Zone DNS Firewall service, which enables mom and pop businesses, schools, medical facilities, government agency offices and other SMBs to keep their employees, guests and all connected devices protected from phishing, ransomware, IoT-based attacks and other malware.

CIRA is a great example of a service provider that recognizes there is a huge unmet need among SMBs for security that is cost-effective, easy to deploy and manage, and maintains control and visibility of the network for the provider while generating a new revenue stream. CIRA has white-labeled our DNS security software and is now offering it as a security as a service to their SMB customers, which gives them a tremendous advantage in the Canadian market and other regions.

I suspect that as the cyberthreat landscape continues to evolve and needs for robust and affordable security for SMBs continue to grow, we'll see more deployments like CIRA's in the very near future.

1 https://www.forbes.com/sites/robertvamosi/2017/01/10/managing-ransomware-detection-for-smbs/#3a3149cf3a31

2 https://blogs.cisco.com/security/overcoming-the-dns-blind-spot