Techaisle Blog

In today's complex threat landscape, security is no longer an optional add-on but rather a fundamental requirement for businesses of all sizes. Lenovo's ThinkShield security platform addresses these needs with a multi-layered approach, providing robust protection from the supply chain to the cloud. This article will explore the key components of Lenovo ThinkShield, its benefits, and how it compares to the competition, HP.

Lenovo's ThinkShield security framework employs a multi-layered approach to safeguard devices throughout their lifecycle. The foundation rests on a Zero Trust Supply Chain, prioritizing the integrity of devices from their inception. This layer ensures that hardware components are genuine and free from tampering during manufacturing. Building upon this, the Below the OS layer focuses on firmware-level protection, encompassing critical components like the BIOS and enabling secure remote management capabilities. Finally, the OS-to-Cloud layer addresses specific security needs and provides comprehensive endpoint protection by integrating with various operating systems and cloud-based security services. This layered approach offers a robust defense against evolving threats by addressing security vulnerabilities at multiple levels, from the hardware to the cloud.

Zero Trust Supply Chain: Securing the Foundation

Zero Trust is a pivotal strategy in today's dynamic business landscape, particularly for mobile and remote workforces. As organizations increasingly rely on "systems of engagement" to connect with customers and suppliers and embrace cloud-centric IT delivery models, Zero Trust becomes crucial for achieving agility. However, the impact of cybersecurity extends beyond mere agility. Effective cybersecurity fosters rapid innovation and expedites market entry by enabling the secure utilization of data for critical insights without escalating business and compliance risks. Furthermore, robust cyber resilience is paramount for building resilient supply chains. This mitigates the impact of erratic pricing, delivery disruptions, and other vulnerabilities that can erode customer relationships, damage market share, and even threaten the viability of SMBs and midmarket businesses.

While Zero Trust provides a foundational framework for secure operations, its effectiveness hinges on the security of the individual devices that access and interact within this framework. Recognizing this, Lenovo prioritizes device security from its very inception. The foundation of this approach lies in its robust supply chain security, centered around the Trusted Supplier Program. This program involves a rigorous vetting and validation process for all partners and suppliers, ensuring the integrity of components even before they are integrated into Lenovo devices. A key component of this layer is "Build Assure," a unique offering that provides a comprehensive view of the components within a device at the point of manufacturing, further enhancing transparency and control over the device's security posture.

• Encrypted Snapshots: Build Assure takes an encrypted snapshot of the critical components within a device during manufacturing. The IT team can then use this snapshot to validate that the components are legitimate and have not been tampered with during the manufacturing or logistics process.
• Runtime Attestation: Lenovo has enhanced this offering to include runtime attestation. This allows IT teams to verify the integrity of device components not just at the point of delivery but also at any point after the device has been deployed. This feature is particularly valuable in today's hybrid and remote work environments, where devices can be exposed to various risks.
• Verification of Components: IT managers can confirm that all components are legitimate and have not been tampered with. This offers supply chain security and provides governance by verifying that components are correctly sourced.

A recent update from CrowdStrike caused a widespread outage, termed the largest in history. The IT outage highlighted the vulnerability of SMBs to large-scale tech outages and their dependence on third-party IT services. It also underscored the need for better preparedness and potentially more diverse IT ecosystems to mitigate such risks in the future. Cybercrime is predicted to cost $14.57 trillion globally in 2024, and it would be the world's third-largest economy after the US and China. This underlines the importance of robust cybersecurity. The incident raises a concerning question: what happens when the guardians become the source of disruption? The CrowdStrike-related outage was not caused by a cyberattack, but rather by a defect in a software update, highlighting the importance of operational resilience beyond just cybersecurity measures. Analysts estimate the global cost of this outage to be as high as $24 billion as of now.

Uneven Recovery for SMBs

A Techaisle survey of 600 small businesses indicates that 34% expect customer reputation damage and 23% anticipate significant bottom-line impacts due to operational challenges. Logistics complications from inventory management to shipment tracking caused business friction. Communication issues with clients, suppliers, and staff led to delays and missed opportunities, while financial activities like processing payments and managing invoices suffered. Some businesses also faced customer service obstacles, leading to customer dissatisfaction and reputational harm.

The recent CrowdStrike outage has highlighted the essential need for dependable tech in today’s businesses and the severe impact that short downtimes can have, especially on SMBs. It's a stark reminder of the importance of solid IT frameworks and contingency planning. Small businesses suffer disproportionally during such outages due to leaner cyber defenses and limited personnel, which are significant hurdles when crises strike. The manual resolution required here spotlighted these weaknesses. Small IT teams, typically stretched thin with various duties, found it tough to manage the fix across several devices, leading to overtime work to fix crucial operations.

SMBs are the backbone of any economy and are crucial in driving innovation and creating jobs. Yet, when it comes to cybersecurity, they often lag behind larger enterprises, lacking the resources and expertise to defend against sophisticated cyberattacks. This is where Managed Detection and Response (MDR) emerges, offering SMBs a cost-effective and scalable solution to secure their valuable data and infrastructure.

The cybersecurity landscape is littered with threats, and small and medium-sized businesses (SMBs) are often the most vulnerable targets. According to Techaisle's research, not many SMBs are aware of Managed Detection and Response (MDR) services, a powerful tool designed to safeguard against cyberattacks. This begs the question: are SMBs missing out on a critical line of defense in today's ever-evolving digital landscape?

Awareness drives adoption

Techaisle’s SMB and Midmarket research data shows that small businesses are at a much earlier stage of their journey to MDR than their midmarket peers. Just 17% of companies with 1-99 employees report being aware of MDR, compared with 61% of core midmarket firms and 76% of upper midmarket organizations. Looking only at companies that are aware of MDR, current adoption rates mirror this pattern: 5% of small businesses that are aware of MDR are currently using these services versus 45% of core midmarket and 58% of upper midmarket organizations and virtually all companies that are aware of but not using MDR are either currently considering MDR or planning to evaluate these services within the next 12-18 months. These statistics indicate tremendous potential in each SMB segment: vendors must boost awareness of MDR’s benefits while executing an effective conversion strategy. This is especially true in small businesses – which should be an excellent fit segment for a managed service.

Selling sophisticated products to SMB customers is a significant challenge for IT vendors. This problem is especially acute with cybersecurity. Most SMB and Midmarket customer environments need defenses against many different types of threats, attackers, and threat vectors. Most SMBs lack the internal resources to understand what is required to protect against vulnerabilities and how different “shields” can be connected without leaving (or even creating) exploitable gaps in defense posture. Even the channel partners struggle to keep pace with simultaneous growth in threats and threat actors, vulnerabilities tied to in-use technologies or common business practices, and the ever-changing security vendor community.

SMB buyers are acutely aware of the threat cyber attacks pose to their businesses. The Techaisle SMB and Midmarket Security Adoption Trends survey of 2,035 IT and business decision-makers from SMB and upper midmarket firms found that nearly 30% of SMBs (1-999 employees) consider cyber attacks to be among the top three issues facing their business, with an additional 26% stating that it is the most pressing/critical IT issue facing their firms. However, less than half of the respondents were more optimistic, choosing one of three responses: “it is a critical issue, but we have established best practices to control cyber attacks,” “it is one of many different issues, and we are satisfied with our status,” or “cyber attacks are not a significant issue.”

Drilling down, we see that small businesses (1-99 employees) are less inclined to see cyber threats as a top-one IT issue or a top-three business issue; this likely arises from the fact that SMBs have less mature IT operations (meaning that many factors that are controlled in larger firms could represent top IT issues) and that they face a wide array of daily business challenges. The data showing that small businesses are likelier to have established best practices to control cyber attacks probably isn’t grounded in market reality: small businesses that handle security internally lack the resources needed to deploy optimal defenses.

However, those relying on a capable third party may reasonably claim to use best practices. Most worrying from this data, though, are the top two bars, indicating that 22% see cybersecurity as “one of many issues, and we are satisfied with our status,” with another 12% claiming that “cyber-attacks are not a significant issue.” There are small businesses – for example, individuals billing larger businesses for hourly labor – for whom cyber attacks wouldn’t represent a critical issue. However, the data shows that one-third of small businesses are unconcerned about cybersecurity. In contrast, independent studies show that most small businesses fail within six months of being breached. Techaisle thinks these businesses likely struggle to find financial justification for investments in meaningful cyber defense and instead persuade themselves that this is not a real business problem for them. Techaisle suspects that many of these firms are tuned into vulnerabilities associated with digital business practices and might be persuadable concerning the value of cybersecurity if issues and remedies were clearly and convincingly presented to them.

Core midmarket (100-999 employees) and upper midmarket (1000-4999 employees) businesses take a more proactive view of these issues. Approximately two-thirds of respondents in each group view cyber attacks as either their most critical IT issue or a top-three business issue, with the core midmarket group evenly split between these positions and the upper midmarket more likely to identify cyber as a top IT concern. More than 80% of these organizations are focused on establishing effective cyber defenses and should be viewed as prime candidates for effective solutions.

Should SMBs worry about cyber attacks?

The data above begs a related question: Is the lack of concern demonstrated by small businesses rooted in reality – is it the case that one-third of respondents don’t have much to fear from cyber-attacks?