There is no universal good enough when it comes to security, it is overwhelming because the truth is, if someone wants to get it, they will. Imagine your home is located in a high crime city and there is no local police. You would not leave your home without confirming the windows are closed and doors locked, but when is the last time you looked at your firewall and confirmed there are no open ports? That open port is the equivalent of an open window to a business in the unlawful world of the Internet. Further, if open ports are the only thing we needed to look for, our jobs would be easy… and our job is not easy.
Cybercriminals don’t discriminate between small and large businesses, they use automation to attack everyone until they find the easy targets. Many businesses ignore the situation and justify their logic saying, "Hackers would rather go after Google or Microsoft." Don't fool yourself thinking that firewall you purchased last year is good enough. Especially if you have not performed periodic reviews to confirm there are no new vulnerability for the way it was configured.
Hungerford Technologies takes a layered approach of both active and periodic systems and process. There are industry accepted baseline solutions such as a locked down firewall, endpoint protection, phishing testing and periodic assessments that we include for all Advisory customers. Beyond that it gets specific to the customer environment and how they operate which we advise and provide recommendations to find an appropriate balance between budget and security.