{"id":25715,"date":"2025-09-26T02:22:54","date_gmt":"2025-09-26T06:22:54","guid":{"rendered":"https:\/\/www.sherweb.com\/blog\/?p=25715"},"modified":"2025-09-29T02:16:16","modified_gmt":"2025-09-29T06:16:16","slug":"ignoring-smb-security","status":"publish","type":"post","link":"https:\/\/www.sherweb.com\/blog\/security\/ignoring-smb-security\/","title":{"rendered":"The forgotten majority: Why ignoring SMB security weakens everyone"},"content":{"rendered":"<p data-start=\"1042\" data-end=\"1373\"><em>From clinics to contractors, small businesses hold the keys to payrolls, portals and supplier data, and attackers know it! In this Perspectives piece, Cybersecurity Technical Fellow <a href=\"https:\/\/www.sherweb.com\/blog\/tag\/author-roddy-bergeron\/\">Roddy Bergeron<\/a> explains why overlooking SMB security puts everyone at risk, and how the channel can reset the standard around outcomes that prove resilience.<\/em><\/p>\n<h2>Stop pretending the castle stands when the village burns<\/h2>\n<p>If you work in this channel, you already know the truth we keep soft-pedaling: enterprise programs fail the minute a small partner becomes the entry point. We parade frameworks and tool stacks on stage, and then one compromised mailbox with silent forwarding rules unravels an entire relationship.<\/p>\n<p>SMBs aren\u2019t a niche. They are the economy. Contractors, clinics, schools, specialty manufacturers, professional services shops. They sit on payroll data, health records, intellectual property, supplier portals and the vendor access enterprises grant because business must move. 
That access is the adversary\u2019s shortcut.<\/p>\n<p>One 2025 case showed <a href=\"https:\/\/www.huntress.com\/blog\/remote-monitoring-management-tools-gateway-for-attacks-on-msp-pt-1?utm_source=chatgpt.com\">a hijacked RMM<\/a> letting an intruder fan out into <strong>three<\/strong> downstream tenants before the SOC cut it off, and industry reporting the same year documented <a href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/email-bombing-vishing-tactics-abound-microsoft-365-attacks?utm_source=chatgpt.com\">Microsoft 365 compromises<\/a> driven by inbox-rule manipulation and vishing. None of those victims had \u201cweak\u201d stacks on paper. They had thin operations, delayed detection, noisy alerting and no one on the hook for decisive response. That\u2019s not a tooling problem. That\u2019s a responsibility and accountability problem.<\/p>\n<p>The channel owns this. If we keep treating SMB security as optional, we\u2019re not just failing small businesses, we\u2019re weakening the supply chain that depends on them.<\/p>\n<h2>SMBs are leverage, not \u201csmall\u201d<\/h2>\n<p>Attackers don\u2019t chase brand prestige; they chase ROI. The math is obvious:<\/p>\n<ul>\n<li><strong>Less friction.<\/strong> Smaller teams mean fewer eyes on telemetry and longer gaps between suspicious activity and action.<\/li>\n<li><strong>Rich data.<\/strong> A 40-person accounting firm holds enough tax and payroll detail to power weeks of fraud, BEC and identity abuse.<\/li>\n<li><strong>Amplifiers everywhere.<\/strong> MSP tools, vendor portals, supply-chain APIs\u2014one foothold turns into many.<\/li>\n<\/ul>\n<p>When a 70-person fabrication shop is locked by ransomware, it\u2019s not just one company\u2019s downtime. It\u2019s a line stoppage two tiers up, penalty clauses, potential regulatory fines, and reputational damage rippling across an industry. 
When a regional MSP is pivoted through, you don\u2019t have \u201ca breach\u201d; you have a broadcast.<\/p>\n<p>Treating those events like isolated SMB incidents is how we normalize systemic risk. The village is the firebreak. If we let it burn, the castle goes next.<\/p>\n<h2>Can enterprise SOCs actually absorb upstream risk from smaller partners?<\/h2>\n<p>I hear this from large programs: <em>\u201cOur perimeter, our controls, our SOC will catch supplier fallout.\u201d<\/em><\/p>\n<p>That assumption breaks in three places:<\/p>\n<ol>\n<li><strong>Access happens upstream of you.<\/strong> If an attacker owns a supplier mailbox, they own the context you trust\u2014POs, invoices, shipping updates. They aren\u2019t breaching your firewall; they\u2019re replying in thread.<\/li>\n<li><strong>Paperwork isn\u2019t a control.<\/strong> We love vendor questionnaires because they\u2019re measurable. Attackers love them because they\u2019re meaningless. \u201cMFA enabled\u201d is not an outcome if push fatigue or malicious OAuth grants walk right past it.<\/li>\n<li><strong>Time beats tools.<\/strong> The delta between first malicious action and the first human looking at the right signal is where damage compounds. Businesses don\u2019t fail because they lack features; they fail because no one contained the thing that mattered, in time.<\/li>\n<\/ol>\n<p>Enterprise security doesn\u2019t \u201cabsorb\u201d SMB risk. It <em>inherits<\/em> it. If your suppliers and partners can\u2019t detect, contain, and prove, your controls will meet the attacker after the attacker has already been trusted.<\/p>\n<h2>What outcomes define a defensible security program?<\/h2>\n<p>Thought leadership that stops at \u201cSMBs matter\u201d is useless. Here\u2019s the <strong>scorecard<\/strong> I expect any defensible SMB program\u2014or any MSP claiming to deliver one\u2014to put on the table. This isn\u2019t marketing theater. 
It\u2019s the minimum viable accountability the channel should demand.<\/p>\n<h3><strong>1) Mean Time to Detect (MTTD)<\/strong><\/h3>\n<p>If you discover business email compromise because a customer complains about a fake invoice, you didn\u2019t detect; you were notified. Near-real-time identity and mailbox signal is non-negotiable. A detection window measured in <strong>hours<\/strong>, not days, changes the economic outcome every single time.<\/p>\n<h3><strong>2) Mean Time to Respond (MTTR)<\/strong><\/h3>\n<p>Containment is the only metric that matters after detection. Disable the account, revoke tokens, kill persistence, rotate secrets, restore integrity. If your playbook requires a war room and six approvers, you built for theater, not survival. <strong>Same-day<\/strong> containment is the standard.<\/p>\n<h3><strong>3) Dwell time<\/strong><\/h3>\n<p>Attackers don\u2019t need a month to hurt an SMB. They need an afternoon. Every extra day inside is another day of silent forwarding, credential lifting, persistence planting and lateral staging. If dwell time crosses <strong>24 hours<\/strong>, you\u2019re stretching your luck and your insurer\u2019s patience.<\/p>\n<h3><strong>4) User resilience<\/strong><\/h3>\n<p>I don\u2019t care how pretty the LMS looks. If users still click everything and report nothing, you bought posters. Show behavior change: declining phish success, rising user-generated reports, faster internal escalation. That\u2019s the human control surface that actually moves risk.<\/p>\n<h3><strong>5) Audit-ready evidence<\/strong><\/h3>\n<p>Boards, customers, regulators and carriers don\u2019t buy promises. They buy proof. If it takes you a week to assemble logs and screenshots after an incident, you\u2019re gambling with renewal and reputation. \u201cEvidence pack in minutes\u201d is not a luxury; it\u2019s table stakes for the modern SMB.<\/p>\n<p>The <strong>point<\/strong> of this scorecard isn\u2019t to sell a framework. 
It\u2019s to reset the conversation from \u201cwhat\u2019s deployed\u201d to \u201cwhat\u2019s delivered.\u201d If you can\u2019t show movement on these five, the rest is noise.<\/p>\n<h2>What MSPs, vendors, distributors and insurers must change<\/h2>\n<p>Everyone in our ecosystem has a job here. None of them involve another slide of product logos.<\/p>\n<h3><strong>MSPs: Prove the outcome<\/strong><\/h3>\n<p>MSPs are the operators of record. That comes with accountability. The channel shouldn\u2019t accept SKUs as a strategy. We should expect MSPs to publish their operating model: who triages, how fast, how containment is authorized and where the human is on the loop. Without commitments backed by evidence, an MSP isn\u2019t selling security, they\u2019re reselling hope.<\/p>\n<h3><strong>Vendors: Design for constraints, not aspirations<\/strong><\/h3>\n<p>If your \u201cSMB version\u201d assumes a full-time analyst, you built for yourself, not the customer. Ship default-quiet detections that point to decisions. Collapse configuration paths. Produce evidence, not exports. Charge for value, not volume.<\/p>\n<p><strong>Do:<\/strong> prioritize identity signals, kill-chain-adjacent detections, safe-by-default response, report packets a manager can actually use.<br \/>\n<strong>Don\u2019t:<\/strong> pretend a feature parity matrix is \u201csupporting the channel.\u201d<\/p>\n<h3><strong>Distributors &amp; Marketplaces: Curate signal over catalog<\/strong><\/h3>\n<p>More is not better. Stop celebrating how many items are in the aisle and start owning the outcomes your stack can deliver together. Bundle to operations, not to discounts.<\/p>\n<h3><strong>Insurers: Reward proof, not paperwork<\/strong><\/h3>\n<p>If you want risk to go down, pay for it to go down. 
Replace \u201cgotchas\u201d with incentives: lower premiums for demonstrated detection\/containment performance; playbooks exercised, not imagined.<\/p>\n<h3><strong>Regulators &amp; large buyers: Write to the operator you actually have<\/strong><\/h3>\n<p>A 50-person firm can\u2019t implement a defense department spec. Calibrate. If you want a safer supply chain, require <strong>outcome evidence<\/strong> aligned to size and risk, not copy-paste controls the SMB will never truly run.<\/p>\n<p>This is what leadership in the channel looks like: choosing the hard thing\u2014operations and outcomes\u2014over the easy thing\u2014announcements and alignments.<\/p>\n<h2>The real test is speed and proof<\/h2>\n<p><strong>\u201cBut we already covered pillars.\u201d Good. This isn\u2019t pillars.<\/strong><\/p>\n<p>You\u2019ve heard me talk about stacks and operational discipline before. This isn\u2019t a retread. Pillars and best practices matter, but the channel has a habit of hiding behind them. What I\u2019m asking for here is simpler and harder: <strong>pick the handful of outcomes that define whether a small business survives contact with a real adversary and align everything you sell or support to those outcomes.<\/strong><\/p>\n<p>This is not about perfect coverage. It\u2019s about decisive advantage: <em>faster detection, faster containment, less room for quiet persistence, humans who escalate instead of hesitate and proof that convinces the people who write checks and policies.<\/em><\/p>\n<h2>How quickly can smaller programs show meaningful progress?<\/h2>\n<p>Here\u2019s the point: when the channel delivers real support, SMBs can show progress faster than most people expect. The key is focus. Think tight execution in the few areas that shift attacker economics. A defensible program comes from steps that can be proven, not years of theory.<\/p>\n<ul>\n<li><strong>Identity first.<\/strong> Enforce MFA, cut stale privileges, kill legacy auth. 
The next suspicious login should be spotted and contained the same day.<\/li>\n<li><strong>Endpoints quiet by default.<\/strong> Run curated detections that point to decisions. Prove you can contain a test incident in under an hour.<\/li>\n<li><strong>Evidence on demand.<\/strong> Produce an incident pack in minutes, not days. Show customers, regulators, and insurers you can back up your claims.<\/li>\n<\/ul>\n<p>When those conditions shift, you don\u2019t just have \u201cbetter hygiene.\u201d You have proof: detection is faster, containment is tighter and resilience is visible to everyone who matters. That\u2019s the bar the channel should hold itself to.<\/p>\n<h2>What we should stop doing (because it\u2019s costing SMBs real money)<\/h2>\n<ul>\n<li><strong>Buying noise and calling it visibility.<\/strong> If your stack creates more questions than decisions, it\u2019s debt.<\/li>\n<li><strong>Confusing configuration with operations.<\/strong> A control unmonitored is a control you don\u2019t have.<\/li>\n<li><strong>Treating training like theater.<\/strong> If behavior doesn\u2019t change, you ran a seminar, not a control.<\/li>\n<li><strong>Equating exports with evidence.<\/strong> Screenshots and CSVs are not how you convince an auditor or a carrier.<\/li>\n<li><strong>Celebrating catalogs.<\/strong> Choice without curation is how small teams drown.<\/li>\n<\/ul>\n<h2>How resilience is earned<\/h2>\n<p>Security that ignores SMBs isn\u2019t security. It\u2019s a nice story that ends the moment somebody forwards a poisoned invoice from a trusted domain.<\/p>\n<p>The channel has to move first. MSPs need to show outcomes, not dashboards. Vendors need to build for the operator that actually exists. Distributors need to curate to decisions, not to margin. Insurers need to reward provable progress. 
Large buyers and regulators need to ask the only question that matters: <em>Can this small partner detect, contain, and prove\u2014fast?<\/em><\/p>\n<p>We do not need another press release. We need a measurable drop in dwell time across the long tail of the economy. We need fewer \u201cwe found this by accident\u201d moments and more \u201cwe caught it and killed it the same day.\u201d We need proof.<\/p>\n<p>Until the forgotten majority is fully included, every enterprise strategy is\u2014by design\u2014brittle. The village keeps the castle standing. Treat it that way.<\/p>\n<hr \/>\n<p><em>If you want to know whether an SMB program is defensible, start with the scorecard above. Put names and times next to each line. In three months, look at the numbers again. If they moved, you\u2019re delivering security. If they didn\u2019t, you\u2019re selling theater.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>From clinics to contractors, small businesses hold the keys to payrolls, portals and supplier dat","protected":false},"author":188,"featured_media":25716,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[753],"tags":[919,1121,1179,1180,1181,1182],"class_list":["post-25715","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-cybersecurity","tag-author-roddy-bergeron","tag-smb-security","tag-cyber-resilience","tag-supply-chain-risk","tag-security-outcomes"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Ignoring SMB security weakens everyone | Sherweb<\/title>\n<meta name=\"description\" content=\"SMB security is the backbone of supply chains. Ignore it, and every strategy becomes brittle. 
Outcomes, not tools, decide resilience.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sherweb.com\/blog\/security\/ignoring-smb-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ignoring SMB security weakens everyone | Sherweb\" \/>\n<meta property=\"og:description\" content=\"SMB security is the backbone of supply chains. Ignore it, and every strategy becomes brittle. Outcomes, not tools, decide resilience.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sherweb.com\/blog\/security\/ignoring-smb-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Sherweb\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Sherweb\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-26T06:22:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-29T06:16:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/WVDsecurity-1200x480@2x.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2400\" \/>\n\t<meta property=\"og:image:height\" content=\"920\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Roddy Bergeron\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:site\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roddy Bergeron\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/\"},\"author\":{\"name\":\"Roddy Bergeron\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"headline\":\"The forgotten majority: Why ignoring SMB security weakens everyone\",\"datePublished\":\"2025-09-26T06:22:54+00:00\",\"dateModified\":\"2025-09-29T06:16:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/\"},\"wordCount\":1787,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/WVDsecurity-1200x480@2x.png\",\"keywords\":[\"Cybersecurity\",\"Author: Roddy Bergeron\",\"SMB security\",\"Cyber resilience\",\"Supply chain risk\",\"Security outcomes\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/\",\"name\":\"Ignoring SMB security weakens everyone | 
Sherweb\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/WVDsecurity-1200x480@2x.png\",\"datePublished\":\"2025-09-26T06:22:54+00:00\",\"dateModified\":\"2025-09-29T06:16:16+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"description\":\"SMB security is the backbone of supply chains. Ignore it, and every strategy becomes brittle. Outcomes, not tools, decide resilience.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/#primaryimage\",\"url\":\"\\\/blog\\\/wp-content\\\/uploads\\\/WVDsecurity-1200x480@2x.png\",\"contentUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/WVDsecurity-1200x480@2x.png\",\"width\":2400,\"height\":920,\"caption\":\"SMB security\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/ignoring-smb-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"The forgotten majority: Why ignoring SMB security weakens 
everyone\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\",\"name\":\"Sherweb\",\"description\":\"More than a cloud marketplace\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\",\"name\":\"Roddy Bergeron\",\"description\":\"Roddy Bergeron's career has taken various paths including government auditing, nonprofit work, public\\\/private partnerships with the State of Louisiana, helping build an MSP by building their managed service, managed security, vCISO and compliance programs, and now as the Cybersecurity Technical Fellow with Sherweb. Roddy has obtained many certifications over the years including his MCSE, CCNA:Security, CEH, CCSP, CISSP and CSAP. Our MSP community is extremely important to Roddy and he loves giving back to the community that has helped him out so much over the years. Roddy hopes to continue to help other MSPs succeed and raise the cybersecurity tide for our industry.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/roddy-bergeron-cissp-ccsp-csap-33432573\\\/\"],\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/author\\\/roddy-bergeron\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","tag_names":["Cybersecurity","Author: Roddy Bergeron","SMB security","Cyber resilience","Supply chain risk","Security outcomes"],"_links":{"self":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25715","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/users\/188"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/comments?post=25715"}],"version-history":[{"count":2,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25715\/revisions"}],"predecessor-version":[{"id":25718,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25715\/revisions\/25718"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media\/25716"}],"wp:attachment":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media?parent=25715"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/categories?post=25715"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/tags?post=25715"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}