Small and medium businesses (SMBs) are more vulnerable to cyber attacks than larger companies due to their increased use of cloud services, according to Fortinet’s Q3 Threat Landscape Report, released Tuesday.

SMBs, especially medium-sized companies, seem to be a “sweet spot” for attackers, to Anthony Giandomenico, senior security strategist and researcher at Fortinet, told TechRepublic. These companies are adopting cloud solutions faster than larger enterprises, and also tend to have less mature security programs in place, Giandomenico said.

While small businesses may be easier to successfully attack, medium businesses tend to have more data available, giving attackers more bang for their buck.

SEE: Network security policy (Tech Pro Research)

The report, which tracked exploits, malware, and top botnets in Q3 2017, saw an increase in attempted attacks heading into the holiday shopping season. Attacks lulled over the summer, picking up speed in September and increasing until the end of the quarter. Giandomenico compared attackers to department stores: They both make the bulk of their money during the holiday season.

Giandomenico gave four tips for SMBs looking to protect their networks:

1. Understand everything you’re responsible for

You can’t protect something if you don’t know about it. Make sure you know about all of the assets you’re in charge of at your company.

2. Limit user access

Not everyone in the company needs admin status, Giandomenico said. Only give users access to the accounts they actually need to better protect key assets.

3. Remove as many apps as possible

Apps can open business networks up to more potential threats, so the fewer of them, the better. Giandomenico recommends deleting all non-business or unnecessary apps to reduce potential vulnerabilities.

4. Practice good cyber hygiene

Fortinet found multiple instances of organizations seeing the same botnet several times because the company didn’t have a good response plan. It’s important to have a documented vulnerability patch process in place before it is needed. Prioritize patching based on impact, and know when something may be outdated to the point it can no longer be patched.

SEE: Essential reading for IT leaders: 10 books on cybersecurity (free PDF) (TechRepublic)

The 3 big takeaways for TechRepublic readers

  1. Small and medium-sized businesses are more susceptible to cyber attacks because they tend to be faster adopters of cloud technology, a new Fortinet report said.
  2. Fortinet gave four quick ways to for SMBs to safeguard their network: Know all of your assets, limit user access, remove unnecessary apps, and practice good cyber hygiene.
  3. The report found a lull in attempted attacks over the summer, with attempts picking up in September and increasing until the end of the quarter. It estimates this trend will continue upwards during the holiday shopping season.