Guest Perspective: Layered cybersecurity helps businesses reduce cyber risk
Publish Date: 2026-06-26 14:52:00
Source Domain: neworleanscitybusiness.com
KEY TAKEAWAYS:
The Swiss Cheese model emphasizes layering security controls to reduce cyber risk rather than relying on a single tool.
Multifactor authentication, SIEM, SOC monitoring and Business Email Compromise protection form the foundation of a layered defense.
Cybercriminals increasingly target small and midsized businesses because they often lack dedicated cybersecurity resources.
Experts say proactive cybersecurity investments help protect operations, reduce financial losses and support business continuity.
Picture a slice of Swiss cheese. It has holes. Stack several slices on top of one another, and something remarkable happens: the holes no longer line up. That is the Swiss Cheese model of cybersecurity — and it is the single most important concept any business owner or IT professional can understand about modern digital defense.
No single security tool is sufficient. Not a firewall. Not antivirus software. Not even the most advanced endpoint protection platform on the market. Every control has gaps. Layered defense — also called defense in depth — closes those gaps by stacking overlapping controls so that what one layer misses, another layer catches. For small and mid-sized businesses (SMBs), building that stack is not optional. It is a business continuity requirement.
But an experienced Managed Services Provider (MSP) can work with you to implement such tools as multifactor authentication (MFA), Security Information and Event Management (SIEM) and Security Operations Centers (SOC), and Business Email Compromise (BEC) protection, which can all work together as the foundation of a layered cybersecurity strategy.
Why Small Businesses Are Primary Cybersecurity Targets in 2025
A common misconception among SMB owners is that a small organization is too insignificant to attract cybercriminal attention. That assumption is dangerously wrong. Cybercriminals do not choose victims based on size. They choose them based on vulnerability.
Today’s threat actors are organized, well-funded, and operate at scale. Your small- to medium-sized business likely lacks dedicated IT security staff and mature security programs, which makes you an easy target for attacks run at that scale.
According to published reports, only 30% of small- to medium-sized businesses have increased their cybersecurity defenses, even though a Microsoft report puts the average cost of a data breach for a small business at more than $200,000.
Let us go deeper into some solutions:
What is MFA, and why is it important?
Multifactor authentication (MFA) is the practice of requiring users to verify their identity through at least two independent methods before granting access to a system or application. Typically, MFA combines something the user knows (a password) with something the user possesses (a time-sensitive code generated by an authenticator app or sent via SMS).
Microsoft reports that enabling MFA blocks more than 99 percent of automated account compromise attacks. For SMBs with limited security budgets, MFA delivers an exceptional return on investment. It is among the least expensive controls to deploy and among the most effective at preventing breaches.
MFA should be enforced across every system that touches sensitive data or business operations, including:
Business email platforms (Microsoft 365, Google Workspace)
Remote access tools and VPN connections
Cloud-based business applications (ERP, CRM, accounting software)
Administrative and privileged accounts — with no exceptions for executives
Financial systems and banking portals
Many cyber insurance carriers now require MFA as a baseline condition of coverage. Organizations that have not yet deployed MFA may find their policies voided in the event of a breach or may face significantly higher premiums. Enabling MFA is no longer a best practice suggestion. It is a business requirement.
What Is SIEM? How Security Information and Event Management Protects SMBs
Security Information and Event Management (SIEM) is a technology platform that aggregates, correlates, and analyzes log and event data from across an organization’s entire IT environment. A SIEM platform ingests data from endpoints, servers, network devices, firewalls, cloud platforms, and applications, then applies rules-based correlation and machine learning to identify activity patterns that indicate a potential security threat.
For IT professionals, SIEM provides the visibility needed to detect threats that bypass perimeter defenses. For business owners, the practical value of SIEM is this: when an attacker gets past your firewall or credentials are compromised, the SIEM platform sees it. Without SIEM, that attacker can move silently through your network for weeks or months before anyone notices.
SIEM is no longer exclusively a technology for large enterprise organizations. Cloud-based SIEM solutions and managed SIEM services have made this capability accessible and affordable for SMBs through MSPs.
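The rules-based correlation described in this section can be illustrated with a small added example (not code from the article or from any SIEM product). It assumes events from a VPN gateway and a mail platform have already been normalized into one schema; the event data, window and threshold are constructed for illustration. Neither source alone reaches the failure threshold, but the combined view does.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events, normalized from two log sources into one schema:
# (timestamp, source, account, source address, outcome)
EVENTS = [
    ("2025-03-08T02:14:05", "vpn", "jsmith", "203.0.113.7", "fail"),
    ("2025-03-08T02:14:09", "vpn", "jsmith", "203.0.113.7", "fail"),
    ("2025-03-08T02:14:15", "vpn", "jsmith", "203.0.113.7", "fail"),
    ("2025-03-08T02:15:01", "mail", "jsmith", "203.0.113.7", "fail"),
    ("2025-03-08T02:15:07", "mail", "jsmith", "203.0.113.7", "fail"),
    ("2025-03-08T02:15:12", "mail", "jsmith", "203.0.113.7", "fail"),
    ("2025-03-08T02:16:30", "mail", "jsmith", "203.0.113.7", "success"),
    ("2025-03-08T08:58:40", "mail", "adavis", "198.51.100.20", "fail"),
    ("2025-03-08T08:59:02", "mail", "adavis", "198.51.100.20", "success"),
]

WINDOW = timedelta(minutes=10)  # assumed look-back window
THRESHOLD = 5                   # assumed failure count that makes a success suspicious


def correlate(events, window=WINDOW, threshold=THRESHOLD):
    """Alert when a successful login follows `threshold` or more failures for
    the same account and source address within `window`, across all sources."""
    failures = defaultdict(deque)  # (account, address) -> failure timestamps
    alerts = []
    for ts, source, account, address, outcome in sorted(events):
        when = datetime.fromisoformat(ts)
        recent = failures[(account, address)]
        while recent and when - recent[0] > window:
            recent.popleft()  # drop failures that fell out of the window
        if outcome == "fail":
            recent.append(when)
            continue
        if len(recent) >= threshold:
            alerts.append({"account": account, "address": address,
                           "source": source, "time": ts,
                           "failures": len(recent)})
        recent.clear()  # a success starts a fresh count either way
    return alerts


if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```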
What Is a SOC? Why Your Business Needs 24/7 Security Operations
A Security Operations Center (SOC) is a team of trained cybersecurity analysts responsible for monitoring security alerts, investigating threats, and responding to incidents in real time. The SOC is the human intelligence layer that acts on the data generated by SIEM platforms and other detection tools.
Cyberattacks do not follow business hours. Attackers frequently launch intrusions overnight, on weekends, and during holidays — precisely because they know that most organizations are not actively monitoring their networks at those times. A SOC provides 24/7/365 coverage, ensuring that threat alerts are triaged and acted upon regardless of when they occur.
For most SMBs, building an in-house SOC is not financially practical. A fully staffed in-house SOC requires multiple analysts working in shifts, significant technology investment, and continuous training. The alternative is a managed SOC delivered through an MSP. A managed SOC provides enterprise-grade monitoring and response capability at a predictable monthly cost that you can budget for.
The combination of SIEM and SOC is the operational core of a mature cybersecurity program. SIEM provides the data. The SOC provides the analysis and response. Together, they close the detection gap that leaves your organization vulnerable even when preventive controls are in place.
What Is Business Email Compromise (BEC) and Why Is It So Dangerous?
Business Email Compromise (BEC) is one of the most financially destructive cyber threats facing businesses today. The FBI consistently ranks BEC as the highest-loss cybercrime category, accounting for billions of dollars in annual losses across all business sectors.
In a BEC attack, a cybercriminal impersonates a trusted party — a company executive, a vendor, or a payroll administrator — and manipulates an employee into transferring funds, changing payment account numbers, or surrendering sensitive login credentials. BEC attacks succeed because they exploit human trust, not technical weaknesses. No firewall blocks an employee who believes they are following a legitimate instruction from their CEO.
BEC attacks are commonly delivered through:
Spoofed email addresses that mimic a trusted sender’s domain
Compromised email accounts accessed through stolen or phished credentials
Social engineering techniques that create false urgency around wire transfers or payroll changes
Defending against BEC requires a combination of email authentication protocols (SPF, DKIM, DMARC), employee awareness training, and — critically — multifactor authentication on all email accounts. A compromised password alone should never be sufficient for an attacker to access and weaponize an employee’s inbox.
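For the email authentication protocols named above, the following added example (not from the article) audits the DMARC and SPF TXT records a domain publishes and flags settings that leave spoofed mail unblocked. The record strings and example.com/example.net names are constructed; in practice the records would come from DNS lookups of the domain and its _dmarc subdomain.

```python
def parse_tags(record):
    """Split a DMARC TXT record ("v=DMARC1; p=none; ...") into a tag dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def audit_dmarc(record):
    """Return findings for a DMARC TXT record (None or empty if unpublished)."""
    if not record or not record.strip():
        return ["no DMARC record: receivers have no policy for failing mail"]
    tags, findings = parse_tags(record), []
    if tags.get("v") != "DMARC1":
        findings.append("missing or invalid v=DMARC1 tag")
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("p=none: receivers are asked to take no action on failing mail")
    elif policy not in ("quarantine", "reject"):
        findings.append("missing or invalid p= policy")
    if tags.get("pct", "100") != "100":
        findings.append("pct below 100: policy covers only part of failing mail")
    return findings


def audit_spf(record):
    """Return findings for an SPF TXT record (None or empty if unpublished)."""
    terms = (record or "").lower().split()
    if not terms:
        return ["no SPF record: receivers cannot tell which servers may send"]
    findings = []
    if terms[0] != "v=spf1":
        findings.append("record does not start with v=spf1")
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        if not any(t.startswith("redirect=") for t in terms):
            findings.append("no 'all' mechanism: unlisted senders get a neutral result")
    elif all_terms[-1] in ("all", "+all"):
        findings.append("+all: every server on the internet is authorized")
    elif all_terms[-1] == "?all":
        findings.append("?all: unlisted senders get a neutral result")
    return findings


if __name__ == "__main__":
    # Constructed records for a hypothetical domain
    print(audit_dmarc("v=DMARC1; p=none; rua=mailto:dmarc@example.com"))
    print(audit_spf("v=spf1 include:_spf.example.net +all"))
```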
Conclusion: Build the Stack Now, Before You Need It
A layered cybersecurity defense for an SMB is not a single product purchase. It is a deliberate assembly of overlapping controls. The Swiss Cheese model captures a fundamental truth about cybersecurity: no single control is perfect. Every tool, every process, every layer has holes. The strategy is not to find the perfect slice. The strategy is to stack enough well-chosen, overlapping slices so that no hole runs all the way through.
For your small or mid-sized business, that means deploying MFA without exception, protecting against Business Email Compromise with layered email security and employee training, gaining visibility through SIEM, and closing the detection gap with SOC coverage. These are not aspirational goals for a future budget cycle. They are the baseline requirements of operating your business safely in today’s threat environment.
Carl Mazzanti
Carl Mazzanti is president of eMazzanti Technologies in Hoboken, NJ, providing IT Consulting and Cybersecurity Services for businesses ranging from home offices to multinational corporations.