Why protecting smaller businesses is the key to keeping big businesses safe when it comes to supply chain risk

Zerowl

March 25, 2026

Why protecting smaller businesses is the key to keeping big businesses safe when it comes to supply chain risk

Most big businesses now accept an uncomfortable truth: the easiest way to get into a well-protected business is often through a smaller partner This article explores cybersecurity big companies. . In 2023, 41% of small businesses in the US said they had been the target of a cyberattack, which cost them an average of $8,300.

Almost half of the businesses with fewer than 50 employees don't have a budget for cybersecurity. Big companies have the tools and people they need for teams. Attackers plan around the fact that small businesses don't always have them. The World Economic Forum calls this "cyber inequity": cybersecurity is not evenly spread out among companies of different sizes.

The risk is always there, and it's big enough to stop operations, not just cause a cleanup bill.

The cyber industry needs a model that helps smaller vendors if they want third-party risk to really go down. In practice, this means matching expectations with what can be done and then checking results with proof, not promises. Small and medium-sized businesses (SMBs) shouldn't have to put together a patchwork of tools, rules, consultants, managed service providers, and other things on their own.

The UK, Singapore, and Australia all have different versions of a "Cyber Essentials" baseline standard for small and medium-sized businesses. Companies all over the world can easily adopt these standards to make sure that their cyber and data needs for procurement are in line with something that has already been designed, developed, and tested by thousands of small and medium-sized businesses (SMBs) around the world.

A baseline that can be defended should be: - Easy to set up because complexity debt turns into security debt - Easy to use because controls fail during maintenance - Producing evidence, since "prove it" is part of the requirement - Realistic for hybrid work, where protection has to fit the strange work hours of SMB employees. The simple change in strategy is to stop thinking of supply chain security as a paperwork issue and start thinking of it as ecosystem resilience.

Why protecting smaller businesses is the key to keeping big businesses safe when it comes to supply chain risk

Trending News

Coruna, DarkSword, and Democratizing Nation-State Exploit Kits

Coruna, DarkSword, and Democratizing Nation-State Exploit Kits

Apple Sends Lock Screen Alerts to Old iPhones About Active Web-Based Exploits

Apple Sends Lock Screen Alerts to Old iPhones About Active Web-Based Exploits

Wartime Usage of Compromised IP Cameras Highlight Their Danger

Wartime Usage of Compromised IP Cameras Highlight Their Danger

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Hackers use phishing ZIP files to send PXA Stealer to steal money from banks and other financial institutions.

Hackers use phishing ZIP files to send PXA Stealer to steal money from banks and other financial institutions.

China improves the backdoor it uses to spy on telecom companies around the world.

China improves the backdoor it uses to spy on telecom companies around the world.

Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack

Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Attacks on infrastructure that have physical effects are down 25%.

Attacks on infrastructure that have physical effects are down 25%.

How mistakes can help businesses improve their security programs

How mistakes can help businesses improve their security programs