Cybersecurity is evolving quickly. At Cowbell’s first panel webinar, experts from across the industry gathered to explore critical threats beyond ransomware, unpack identity and cloud risks, and share practical strategies that empower small and medium-sized businesses (SMBs) to secure their digital operations.
Here’s a recap of the conversation and the key takeaways you need to protect your business today.
The Landscape Today: It’s More Than Just Ransomware
While ransomware continues to dominate headlines, it is far from the only threat. Our panelists agreed that the cybersecurity threat landscape is growing more sophisticated and multi-faceted, particularly for SMBs.
According to Cowbell’s SVP of Cybersecurity Services, Matthieu Chan Tsin, threats like identity theft, misconfigurations, and supply chain risks are rapidly becoming top concerns. The risk is not just operational, it is also reputational and financial.
Identity: The New Perimeter
Will Lynch (COO, Sentricus) and Andrew Surwilo (CEO, Cytex) emphasized that identity theft has become one of the most significant hidden threats facing SMBs. With over 80 percent of data breaches linked to compromised credentials, attackers no longer need to break in. They simply log in.
Key identity threats discussed include:
- Phishing and credential harvesting
- Inadequate multi-factor authentication (MFA)
- Poor visibility into active and orphaned user accounts
- Credential reuse across personal and professional environments
Karolis Arbačiauskas of Nordpass added that browser-based password managers are especially vulnerable to info-stealing malware. His advice: avoid sharing sensitive data over email, do not reuse passwords, and implement a strong password manager.
Cloud Misconfiguration: A Silent Risk with Major Impact
Yogita Parulekar, founder of Invigrid, pointed to cloud misconfigurations as a top driver of data breaches in 2024, and how they are just as dangerous as ransomware and third-party risks. Drawing from recent MIT research, she noted that most cloud risks stem from incorrect setups, whether in email systems, SaaS platforms, or cloud databases.
Her advice for mitigating misconfiguration risks:
- Separate development and production environments
- Centralize identity and access management
- Automate security into cloud deployments
- Regularly back up data and test recovery processes
- Set and monitor budgets to prevent cloud cost overruns
Yogita emphasized that the cloud can drive innovation, but only if it is configured securely from the beginning.
Supply Chain Risk: The Breach You Never Saw Coming
As businesses rely more on third-party tools and services, supply chain vulnerabilities are becoming high-risk vectors. Attackers often exploit smaller, less secure vendors as entry points to reach their intended targets.
Will and Andrew shared that visibility into vendor security is often lacking. Their recommendation is to use tools that automate threat surface analysis, assign trust scores to partners, and issue alerts when risks are identified.
Where SMBs Should Start
So, what is the best starting point for small and medium-sized businesses?
Our experts shared a few essential areas to prioritize:
- Identity and access management, including password hygiene and MFA
- Cloud configuration audits, especially in production environments
- Security awareness training for all employees
- Visibility into assets, identities, and third-party risk
- Automation and continuous monitoring to simplify protection
“Security should be everyone’s responsibility,” said Yogita. “Technology matters, but culture matters just as much.”
Key Tools and Recommendations
- Password Management: Nordpass provides secure, encrypted storage and auto-fill for complex credentials.
- Security Platforms: Scitex offers modular solutions combining compliance, threat detection, and real-time remediation.
- Cloud Security Automation: Invigrid enables secure-by-design cloud deployments tailored to innovation-driven SMBs.
- Cowbell Services: Cowbell provides continuous risk monitoring, threat intelligence, and partner access through the Cowbell Rx Marketplace.
Final Thoughts: The Human Element Still Matters Most
From AI-generated phishing emails to misconfigured cloud storage, today’s threats are diverse. However, they often start with simple human error. A strong cybersecurity strategy goes beyond technical tools. It requires building a culture of awareness, prevention, and continuous improvement.
As Yogita said, “An ounce of prevention is better than a pound of cure.”
Want to connect with the panelists? Visit cowbell.insure/Rx to learn more.