Submit a Support Ticket
Managed Services
Managed Services
Enterprise-level processes, technology and strategy for small and medium businesses. Outsourced services, all supported by members of the Impact team.
See Our Approach
IT & Cloud
IT & Cloud
Security-focused network infrastructure management
Cybersecurity
Cybersecurity
Proactive network alerting and monitoring
Digital Innovation
Digital Innovation
Process efficiency and modern business applications development
Marketing & Branding
Marketing & Branding
Full-service marketing strategy, creation and development
Print & Documents
Print & Documents
Cost-effective equipment, support and document management
Solutions
IT & Cloud
vCIO Consulting
Designated, strategic account management services
Backup, Disaster Recovery & Business Continuity
Proactive security and prevention of data loss
Cloud Hosting Platforms
Digital storage environments for company data
Workspace as a Service
Remote work access and collaboration tools
Infrastructure and Network Management
Network monitoring tools managed by Impact
Productivity Suites
Cloud-based tools to communicate and collaborate
Mobile Device Management
Visualization and controls for all company devices
View More Solutions
Cybersecurity
Edge Security
Protection for networks closest to the internet
Endpoint Protection
Detection and protection for all company devices
Secure Data Protection
Tools to secure company data
Identity & Access Management
Authentication and secure portals to control access
Network Security Monitoring
Vulnerability monitoring, threat detection and risk mitigation
Compliance Services
Expertise focused on industry regulations and standards
Cybersecurity Consulting
Security awareness training and professional cybersecurity consulting
View More Solutions
Digital Innovation
Enterprise Resource Planning
Centralized management of business processes and applications
Business Process Automation
Multichannel platform to streamline workplace activities
Business Intelligence
In-depth analytics to inform business strategy
Robotic Process Automation
Software robots designed to support everyday processes
Enterprise Content Management
Platform for streamlining data-driven processes
Rapid App Development
Low-code platform for custom applications
Project Management Solution
Empower collaboration using the Smartsheet platform
View More Solutions
Marketing & Branding
Website Design & Development
Web and mobile SEO, coding and design
Content Marketing
Tailored copy for website, social and email
Video & Photography Production
Professionally-shot, high-quality visuals
Brand & Design
Graphic and content presentation for brand identity
Research & Insights
Competitive research to inform marketing strategy
Paid Media Services
Digital strategies for search, social and ads
Custom App Development
Low-code applications for customers and employees
View More Solutions
Print & Documents
Digital Office Equipment
The latest office technology and ongoing support
Production Print
Specialty, affordable technology for quality print materials
Paper
One-source office supply services
View More Solutions
Company
20 Years in the Making
Learn more about Impact Networking, our team and history.
Learn More About Impact
News
News
Press releases and company announcements
Locations
Locations
Information about Impact's branches
Leadership
Leadership
Impact executives and department heads
Company Videos
Company Videos
Events, partnerships and community engagement
Partners
Partners
Impact's technology and equipment providers
Events
Events
Online and in-person events
Careers
Working at Impact
Impact's values, benefits and teams
Open Positions
Current job openings at Impact
Career Videos
Employee features and career information
Impact Leadership Institute
Professional learning and development program
Resources
Support Inquiries Get in Touch
Support Get in Touch
Managed Services
Managed Services
Managed Services
Enterprise-level processes, technology and strategy for small and medium businesses. Outsourced services, all supported by members of the Impact team.
See Our Approach
IT & Cloud Cybersecurity Digital Innovation Marketing & Branding Print & Documents
Company
Company
20 Years in the Making
Learn more about Impact Networking, our team and history.
Learn More About Impact
News Locations Leadership Company Videos Partners Events
Resources Support Inquiries Get in Touch
Request Support Customer Portal
Blog Post
Aug 19, 2021

What Should You Expect in Your Cybersecurity Tech Stack?

What should be in your tech security stack? This is the question businesses are asking themselves with increasing concern as the cybersecurity environment continues to be a volatile and often dangerous place for organizations today.

Prior to the pandemic, cybersecurity was a big issue among organizations, many of whom are seeing a rise in attacks with every year. This has led to increased interest and investment in business security tools and solutions.

Budgeting for cybersecurity has increased 141% since 2010.

With the onset of the COVID pandemic, cybersecurity became an even greater issue for all companies, and SMBs in particular.

It’s becoming clearer each year that having a scattershot approach to cybersecurity solutions isn’t good enough for a modern strategy.

It’s not enough to just have a quality anti-virus or VPN—businesses need to adopt a multi-layered strategy to fully protect themselves.

Related Post: Why You Need Layered Security 

In this blog post, we’re going to take a look at the specific solutions that make up a quality cybersecurity tech stack by showing you what we at Impact provide our own clients when they hire us.

You’ll learn which areas make up a security stack, along with examples of brands that develop the solutions in it.

Let’s dive right in.

What Should You Expect In Your Cybersecurity Tech Stack?

Why Is a Security Stack Necessary Today?

A range of solutions is today required to operate a successful cybersecurity strategy.

As we noted, the number of cyberattacks that are targeting businesses in 2021 has increased significantly over even just the last few years, which has in turn led to a sharp increase in spending on cybersecurity from organizations across the country.

Malware increased by 358% overall and ransomware increased by 435% in 2021 as compared to 2019, with phishing attacks accounting for more than 80% of reported security incidents.

Because of the sheer amount of attacks targeted at businesses that occur on a daily basis and the vectors used—whether it’s via email, web-based, device-based—it’s necessary to use a variety of tools that can cover every avenue of attack and potential weakness.

What Should You Expect in Your Cybersecurity Tech Stack?

Guarding Against Attack Vectors

By far the most significant attack vector used by cybercriminals is social engineering—71% of IT professionals say they’ve had employees at their company fall victim to these types of attacks.

The average cost of social engineering attacks is around $130,000—untenable for many SMBs. Preventing costs like these by guarding and monitoring devices used frequently by employees is a key method of ensuring business security.

The vast majority of solutions in a cybersecurity stack will be geared towards ensuring the risks of vectors like social engineering are minimized—for example through multi-factor authentication and email filtering—and that common weaknesses within a network (devices) are monitored so that threats can be contained effectively should unusual activity be recorded.

Tech Security Stack

Now, we’re going to take a look at what you should expect in a tech security stack.

We’ll be examining all the components of a security stack—each tool and solution, what they do, what they protect, and why they are necessary for cybersecurity.

This blog will also list common examples of solutions in a typical security stack that are used to secure a business.

Perimeter Security 

Perimeter security solutions protect data between a private internal network and an external public-facing network.

In short, it’s a protective shield for your business.

Traditionally, perimeter security has been the be-all and end-all of cybersecurity insofar as guarding networks was concerned. Once upon a time, back when dinosaurs roamed the earth in the 2000s and early 2010s, it was often sufficient for companies to use just a perimeter firewall solution.

Now, that’s not the case today, but perimeter security still plays a vital role in securing data internally for businesses.

There are several solutions that can achieve this. The most notable are unified threat management and a web application firewall.

Unified threat management is a comprehensive solution that will include a lot of tech that you’re likely already familiar with. Antivirus; firewall; intrusion detection; spam filtering; content filtering; and in some cases, VPN support for encrypted communications.

A UTM is an excellent tool for uncovering and nullifying potential threats attempting to gain access to your network.

A web application firewall, or WAF, is similar, but focuses on data traveling between the end user and the cloud app they’re using. Because so many businesses today store, handle, and access data in the cloud, WAFs have become important tools to supplement cybersecurity strategies.

Examples of providers for these solutions: Cisco Meraki (UTM), Cloudflare (WAF)

Endpoint Protection 

Just as WAFs are more significant in 2021 because of the increased use of cloud apps in organizations, endpoint protection is also important because of the modern prevalence of the Internet of Things (IoT), which has led to substantial increase in the number of devices businesses have to protect.

Endpoints are everywhere in a modern business environment—smart TVs, mobile devices, printers, vending machines—you name it.

In 2015, there were 15 billion Internet-connected IoT devices worldwide. In 2020, that figure had doubled to 30 billion—by 2025 it will be 75 billion.

To manage these endpoints, businesses should utilize domain name system (DNS) protection. DNS is best thought of as a sort of “phonebook” for computers, which understands IP addresses rather than human language.

Of course, not every “number”, or site in the phonebook is trustworthy and there are many malicious sites out there. DNS protection stops access to malicious sites, and can be extended to all devices under a network, meaning an employee browsing on their phone using your company network won’t accidentally let a cyberattacker into your business by visiting a dangerous website.

Cisco has indicated that over 90% of attacks are done via DNS and only two-thirds of organizations monitor their DNS records.

Then we have managed detection and response (MDR), which is an endpoint protection service that detects, prevents, and responds to attacks across all vectors.

As opposed to searching for the characteristics of malware—which can be hidden or changed to something unrecognizable—as a traditional protection service would, MDR monitors the processes of every endpoint, recognizing deviations from the norm and responding.

Finally, we have persistence detection. “Persistence” refers to a modern hacking process, whereby cybercriminals gain access to your systems and wait for the opportune moment to strike by lingering silently in the background undetected.

This solution uses advanced technology to sniff out bad actors hiding in plain sight by collecting information and activity associated with persistent mechanisms that evade other cybersecurity technologies.

Examples of providers for these solutions: Cisco Umbrella (DNS), SentinelOne (MDR), Huntress (persistence)

Information Security

Information security is essential in preventing data leakage and other forms of unintentional data loss.

Information security is all about access and stopping inadvertent data loss. Data loss prevention (DLP), for example, is about preventing data leakage, which refers to the unauthorized transfer of data from inside your organization to outside.

Related Post: What Is Data Leakage and Why Should You Care?

DLP aims to rectify this issue by establishing clear standards for your data through labeling and categorizing. This means determining where certain data should be stored, who has access to it, and where it can be shared.

This approach is a typical standard in cybersecurity programs and avoids the significant issues that data leakage can bring to a business.

Email protection, meanwhile, operates on the same premise; only for your email communications. Email protection solutions help prevent many common vectors like phishing attempts, spam, and viruses communicated to end users through email servers.

Examples of providers for these solutions: Microsoft Azure (DLP), Proofpoint (Email)

Authentication Protocols

Authentication solutions ensure the people accessing your business data are who they say they are.

Authentication is a simple and incredibly effective way of preventing unauthorized users accessing your business data, and yet is not taken seriously and often overlooked by companies in their security policies.

Microsoft estimates that using MFA stops 99% of all automated brute force attacks.

Multifactor authentication (MFA), which requires the use of a secondary device or method to authenticate a user, has proven especially useful in preventing breaches, and solutions that cater to this are capable of protecting every app or software service you use; in addition to meeting modern compliance standards.

Likewise, automated password management solutions mean that you can ensure your employees are consistently staying up-to-date with strong passwords.

This tech can push password change automation, keep a full trail of password history, and encrypt all the information tracked.

Examples of providers for these solutions: Duo (MFA), Passportal (password management)

What Should You Expect In Your Cybersecurity Tech Stack?

Backup and Disaster Recovery

In case of data disaster, businesses need to retrieve lost information as soon as they possibly can.

Backup and disaster recovery (BDR)solutions are aimed at making sure that any vulnerable information in your business, whether it’s data stored on internal servers, external cloud data, or website data, is backed up and can be restored instantly.

BDR is a way of preparing for the worst, because data breaches can be incredibly costly to SMBs.

The average time it takes for a company to identify and contain a data breach in their system is 279 days—that’s over nine months

The issue is that many businesses do not have any form of BDR in place, making this an important part of any cybersecurity strategy.

Then we have software-as-a-service backup, which protects the data that people handle on their cloud apps, as well as website backup, which restores all data from your website in the event of a breach.

Examples of providers for these solutions: VirtualImage (BDR), Backupify (SaaS), CodeGuard (Web) 

Monitoring

Last, but by no means least, the final component of a cybersecurity tech security stack is monitoring. 

Monitoring tools provide total visibility into your network and find vulnerabilities.

These tools include vulnerability scanning, security information and event management (SIEM), and network detection and response (NDR).

Vulnerability scanners use machine learning to automatically assess risks associated with functions and processes across your hybrid network—whether in the cloud or internally.

When vulnerabilities are detected, they are prioritized in terms of their threat level and patched to ensure safety.

SIEM is a monitoring and event management solution that can be integrated with several major tech providers like Microsoft. This solution will alert you if it recognizes, for example, a suspicious login or excessive failed login attempts, in addition to general instances of abnormal behavior across your network.

The SIEM effectively creates a centralized database of any and all threats and abnormalities discovered by the solution, escalating them to your IT team in real-time for remediation.

Network detection and response (NDR) is similar, but is more focused on network traffic analysis (NTA), detecting anomalies and providing more granular data on security events that raise suspicion.

An NDR solution will help a business increase their visibility into their network profile, offering a more extensive approach to threat detection than SIEM alone.

Examples of providers for these solutions: Qualys (vulnerability scanning), Perch (SIEM and NDR)

Bottom Line

We hope that by reading this blog post you now have a greater understanding of what a comprehensive cybersecurity tech security stack looks like for a modern business.

At Impact, we always recommend a multi-layered approach to business security that covers all your bases.

It’s unfortunately no longer the case that a simple firewall—or any one solution for that matter—will be sufficient for any organization in 2021.

In order to protect yourself to the fullest degree and avoid costly data breaches, consider having an expert audit your business’ cybersecurity and then build a strategy to address your weaknesses with the solutions we’ve looked at today.

Stay cybersafe!

Subscribe to our blog to receive more insights into business technology and stay up to date with marketing, cybersecurity, and other tech news and trends.

Recommended

Blog Post
Mar 15, 2023

Wide Format vs. Plotter Printers: 5 Differences

Wide format printers and plotters are machines that can produce […]
Blog Post
Mar 06, 2023

5 Must-Have Free Marketing Writing Programs

Marketing writing is more important than ever. In a sea […]
Blog Post
Mar 01, 2023

5 Business Benefits of Data Tracking

What is Data Tracking? Data tracking is collecting specific data […]