Security Monitoring

Many of the systems and devices which SMEs employ, such as servers, firewalls, and anti-virus software, can log and record system activity to support troubleshooting and maintenance. In many cases, this also includes recording any suspicious activity that could be related to a potential security breach. However, by default there often is no facility to generate alerts which often results in breaches occurring without the victim organizations being aware.

So while SMEs may have the data to alert them to suspicious activity on their systems or breaches, that data is not being actively monitored to alert the SME to these incidents. This is similar to having a burglar alarm installed on the premises but not turning it on.