Season 3, Episode 9: We chat with SonicWall’s Doug McKee about the top 5 threats targeting SMBs based on recent research.

Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here.

Cybersecurity challenges come in many different flavors regardless of how old your company is or how many employees it houses. Larger companies have to deal with layers upon layers of technology, processes, and the people who support it. Smaller organizations are resource-constrained, often lack the experience or expertise to build a proper program, and typically rely on external support systems.

While larger companies may not be nimble, typically, they employ and understand the value of threat intelligence to hone in on risks that could impact the business. They also have larger targets on their back because they are seen as more valuable targets for data, financial drain, and other nefarious purposes. In the same, smaller organizations may not be as valuable as a direct target, but they can be seen as a doorway into these larger companies. It’s for these reasons that supply chain attacks, even older ones, are among the top threats targeting small businesses and startups.

This week on AZT, we examine the top five threats targeting startups and small businesses and chat with SonicWall’s Executive Director of Threat Research about the WHY behind them. As a researcher and educator through SANS, Doug McKee shares his perspective on why smaller shops need to consider threat intelligence as part of their cybersecurity program and how MSPs can help fulfill that capability.

Log4j (2021) more than 43% of organizations were under attack

Fortinet SSL VPN CVE-2018-13379 - 35% of orgs were under attack

Heartbleed (2012) - 35% of organizations

Atlassian CVE-2021- 26085 - 32 %

Vmware CVE-2021 - 21975 - 28% of orgs

Doug is an experienced information security professional who possesses extensive technical expertise acquired through involvement in application and system security testing, hardware and software vulnerability research, malware analysis, forensics, penetration testing, red team exercises, protocol analysis, application development, and risk mitigation activities. These technical proficiencies are complemented by adept leadership and communication skills, honed through the leadership of teams and projects, collaboration within both large and small teams, and the composition of technical reports for clients.

Doug is recognized for discovering numerous CVEs and regularly speaks at prominent security conferences such as Blackhat, DEFCON, RSA, Hardware.io, and Ekoparty. Additionally, Douglas's research is frequently featured in publications with a wide readership, including Wired, Politico, Bleeping Computer, Security Boulevard, Venture Beat, CSO, Politico Morning eHealth, Tech Republic, and Axios.

None of these vulnerabilities in SonicWall’s research were found or disclosed between 2022-2024, and yet we’re still dealing with them

Old vulnerabilities remain a significant threat

The most widespread attacks for SMBs include Heartbleed and Log4j vulnerabilities

Many widespread vulnerabilities are supply chain vulnerabilities

These vulnerabilities are embedded in multiple products and systems

Patching vulnerabilities can be complex and costly

Compliance and regulatory standards can complicate the process

Attackers are becoming increasingly nuanced in their approaches