From Awareness to Action: Cyber Safety Online for Corporations and SMBs

Tyler Rasmussen | Vice President of Cybersecurity

Cybersecurity is no longer a question of if an organization will be targeted; it’s when and how prepared they are to respond.

During our recent Awareness to Action webinar, Executech and Sophos leaders Tyler Rasmussen and Chris Wanamaker explored how artificial intelligence is reshaping the cybersecurity landscape for small and mid‑sized businesses (SMBs). Their message was clear: while AI introduces new risks, it also creates powerful opportunities for organizations willing to take a proactive, structured approach to security.

Below, we break down the key takeaways and the practical steps every SMB should be taking now.

The Modern Threat Landscape: AI Has Changed the Rules

AI has dramatically lowered the barrier for cybercriminals. Attacks that once required time, technical skill, and manual effort can now be launched at scale with alarming precision.

Recent studies show that nearly half of SMBs have experienced AI‑generated phishing attacks, and many organizations now rank cyber incidents as their top operational risk, surpassing financial and supply chain concerns.

The implication is stark: businesses must assume threats are already present or actively probing their environment and shift their mindset from prevention alone to prevention, detection, and response.

AI: A Double‑Edged Sword

AI is not inherently the enemy. In fact, it plays a critical role in both offense and defense.

On the attacker side, AI enables:

• Convincing phishing emails written in perfect language
• Deepfake audio and video impersonation
• Automated reconnaissance and vulnerability discovery

On the defender side, AI can:

• Detect subtle anomalies humans might miss
• Correlate data across tools and environments
• Reduce alert fatigue and speed response times

The difference comes down to who is using AI better and with stronger governance.

Identity Is the New Perimeter

With remote work, cloud apps, and mobile devices now standard, traditional network boundaries no longer exist. Identity has become the primary attack surface.

Best Practices Every SMB Should Implement:

• Password Managers: Dedicated password managers (not browser‑based) ensure credentials are encrypted and only decrypted on the user’s device.
• Multi‑Factor Authentication (MFA): MFA should be enabled everywhere, especially for email, VPNs, and admin accounts.
• Single Sign‑On (SSO): Centralizing access through Microsoft Entra ID reduces password fatigue while improving visibility and control.

Sophos integrates seamlessly with Entra ID, allowing users to authenticate once with strong MFA and securely access multiple applications, including Sophos VPN and Sophos Central.

Patch Management and Vulnerability Visibility Are Non‑Negotiable

Unpatched systems remain one of the most common entry points for attackers.

During the webinar, Tyler and Chris emphasized the importance of:

• Automated patch management for operating systems and third‑party applications
• Moving away from manual updates toward policy‑driven, centralized tools like NinjaOne
• Continuous vulnerability scanning, not just annual or ad hoc assessments

Sophos Managed Risk expands visibility beyond laptops and servers to include IoT devices, printers, and externally exposed services, continuously checking for newly published CVEs and misconfigurations.

Strengthening the Human Firewall

Technology alone cannot stop social engineering.

Employees remain a primary target, especially as AI‑generated phishing and impersonation attempts become harder to spot.

What Works:

• Short, frequent security awareness training instead of annual sessions
• Regular simulated phishing campaigns using realistic, AI‑generated content
• Teaching users to validate unusual requests using known, trusted contact methods

Just as important: limiting online oversharing. Publicly available personal details give attackers the context they need to craft highly targeted attacks or convincing deepfakes.

AI Governance: The Missing Piece for Many Organizations

One of the most critical discussions during the webinar centered on AI misuse and governance.

Common risks include:

• Employees uploading sensitive data into public AI tools
• Accidental violations of HIPAA, PCI, or contractual obligations
• Supply chain threats caused by AI “hallucinations,” such as referencing non‑existent or malicious software packages

To address this, organizations must establish:

• Clear AI usage policies defining approved tools and prohibited data
• Technical controls to monitor and restrict risky AI usage
• Ongoing training to help staff recognize AI‑generated scams
• Regular reviews of vendor and partner AI practices

Executech helps organizations design and enforce these guardrails—turning AI from a liability into a controlled asset.

AI‑Driven Detection and Response with Sophos MDR

Even the most mature environments will face incidents. The difference lies in how quickly and effectively they respond.

Sophos Managed Detection and Response (MDR) combines AI with human expertise to:

• Correlate signals across endpoints, networks, and cloud environments
• Eliminate noise and surface real threats
• Isolate compromised devices and stop attacks in progress
• Perform root‑cause analysis to prevent repeat incidents

With flexible response models—from notify‑only to full incident response, organizations retain control while gaining 24/7 security operations support.

A Practical 30‑60‑90 Day Action Plan

To move from awareness to action, Tyler outlined a phased approach:

First 30 Days

• Deploy a password manager
• Enable phishing‑resistant MFA
• Consolidate applications behind SSO
• Automate patch management

Next 60 Days

• Launch updated security awareness training
• Draft and communicate an AI usage policy
• Begin monitoring AI tool usage
• Implement vulnerability scanning

By 90 Days

• Deploy MDR for full visibility and response
• Run AI‑based phishing simulations
• Harden device and application configurations
• Establish a quarterly AI risk review cadence

Final Takeaway: Policy, Technology, and Partnership Matter

AI is evolving faster than most organizations can manage on their own. Success requires:

• Clear policies
• Ongoing education
• Modern, AI‑enabled security tools
• Trusted partners who understand both the risks and the opportunity

With the right strategy, SMBs can stay ahead of AI‑driven threats—without slowing innovation.

Ready to take the next step? Executech and Sophos are here to help you turn awareness into action.