by Zach Fuller

Cybersecurity Software to Protect Small Businesses?

Although Silent Sector tends to work with mid-market and emerging companies, we get asked regularly by small businesses, "What tools or software can we buy to protect our company?"
Cybersecurity presents ever evolving risk factors for all organizations.  Small and mid-size businesses (SMBs) tend to be the most affected as they struggle to allocate enough resources to provide adequate protection.  Budget, time, and understanding of the subject matter are all limiting factors.  As a result, many SMB's look toward buying a software solution or tool as a quick answer to protect their organization.  The cybersecurity industry is quick to sell tools and technologies because it is a highly profitable business model.  However, cybersecurity professionals know that tools and technology alone do not adequately protect companies.
Savvy organizations, large and small, understand the need to align with an industry-standard cybersecurity framework.  These frameworks provide a list of activities and functions to have in place, most of which can be accomplished with the tools and technologies an SMB already has.  We recommend Center for Internet Security (CIS) Controls for most SMBs, unless another framework is specifically required (e.g. NIST SP 800-171a for US Government contractors).  
Smaller organizations will generally fall under CIS Controls "Implementation Group 1" which is a very achievable process, so long as they are willing to follow it.  Implementation Group 1 includes security fundamentals that when put in place, are far more effective than any software or security tool.  While tools are used to implement some of the recommendations, most can be done without extra expenditure.  Implementation Group 1 includes basic best practices such as maintaining an up-to-date inventory of your technology assets, ensuring unauthorized software is removed and blocked from user machines, devices are patched with the most recent security updates, ensuring backups are properly protected, and more.
You can download the CIS Controls spreadsheet and supporting documentation at
If I had to recommend a single software solution for SMBs, it would be the Sophos Intercept X product for endpoint protection.  Sophos provides an excellent security suite that leverages the latest technologies and is much easier for SMBs to manage than others on the market.
Let's Connect

About the Author

Written by Zach Fuller

Zach Fuller is an entrepreneur who has built businesses in multiple industries. He served as Green Beret in the U.S. Army, conducting highly sensitive combat operations in Afghanistan. Zach was awarded a Bronze Star Medal and other decorations for his actions overseas. He later built an investor relations team for a private equity company. Holding the role of Executive Vice President, he lead the team to raising well over $300,000,000 in private capital to acquire real estate assets and making it to the Inc. 500 list of Fastest Growing Private Companies. Zach is a Certified Ethical Hacker and founding partner of Silent Sector, where he is focused on mid-market and emerging companies which he considers to be the backbone of the American economy and our way of life.
Find me on:, Apple Podcasts, Amazon, and