02 June 2025

From budget-stretched SMEs to global tech giants, the challenges are universal — but the strategies vary. We asked leading experts in network security to weigh in on what’s working, what’s affordable, and what every organisation needs to do to stay ahead of evolving cyber threats. Their responses paint a clear picture: security starts with visibility, is powered by smart design, and ultimately hinges on doing the basics — brilliantly.

Legislation with teeth

Few forces have reshaped the network security landscape more dramatically than the General Data Protection Regulation (GDPR) and the UK Data Protection Act. Their influence goes far beyond compliance paperwork.

“UK regulations like the GDPR and the Data Protection Act enforce strict guidelines on how businesses collect, process, and store personal data,” explains Gerald Beuchelt, CISO at Acronis. “They require robust security measures such as encryption, regular risk assessments, and clear breach notification protocols to ensure compliance, regardless of business size.”

This shift has been particularly transformative for smaller companies that once assumed security was only a concern for the enterprise tier.

“Regulations like the Data Protection Act and the upcoming Cyber Security and Resilience Bill have raised the stakes when it comes to protecting data,” says Gary Cox, Director of Technology for Western Europe at Infoblox. “For a lot of businesses, but particularly smaller enterprises with limited resources, complying with this kind of legislation can feel utterly daunting – but compliance doesn’t have to mean a complete overhaul.”

Evan Davis, Senior Manager of Solutions Engineering at TRENDnet, adds: “the GDPR and Data Protection Act influences security measures heavily, but Cyber Essentials predates GDPR/DPA. While not required, it served as a guide for businesses as to the ‘appropriate measures’ outlined for cybersecurity.”

For some, the regulatory landscape is even broader.

“There are also other rules and regulations to consider depending on your organisation’s industry,” warns Crystal Morin, Cybersecurity Strategist at Sysdig. “For financial companies doing business in Europe, for example, the Digital Operations Resilience Act (DORA) will likely apply.”

“Much of this has been done by a strong community of MSSP professionals who are providing ongoing services to their customers,” says Jonathan Whitley, Regional VP for Northern Europe at WatchGuard, noting that these frameworks can also open new business opportunities for those who achieve compliance.

Jonathan Whitley, WatchGuard

With tighter margins and leaner IT teams, particularly amid the present cost of living crisis, SMEs need to prioritise smart investments and strategic partnerships.

“Now, more than ever, businesses are finding themselves in a position where they have to do more with less, particularly when it comes to cybersecurity,” notes Cox. “But security doesn't have to come with a huge price tag. For SMEs, cloud-managed services that combine DNS, DHCP, and IP address management (often referred to collectively as DDI) are a good starting point, particularly if real-time threat detection is included. These tools increase visibility, reduce complexity, automate monitoring and alerts, and provide early warnings of suspicious activity without the need for a large in-house security team.”

According to Morin, open-source security tools are the most cost-effective solution for any organisation operating with a tight budget.

“And they don’t need to worry about missing out on adequate protection either, because there are some incredible security tools available for free,” advises Morin. “Consider using Open Policy Agent (OPA) to manage compliance with policy as code, making it easy to enforce policies across your entire environment. For real-time threat detection and the ability to start automating incident response, look at Falco. Using an open-source tool does mean that your organisation is the responsible maintainer for your deployment, and you must take care of patches and updates. But there are massive communities in place around open-source security projects like Falco that provide support.”

Beuchelt agrees that leveraging open-source tools, cloud-based security services, and affordable endpoint protection solutions can be effective: “the solution should integrate essential functionalities such as automated backup, disaster recovery (DR), patching and remote device management, and robust endpoint protection and response. These components ensure that you have comprehensive visibility into network activities and can generate detailed reports in the event of an incident."

Looking into the hardware, Phil Huang, Business Development & Field Application Manager at D-Link, suggests that SMEs should look to deploy enterprise-grade Wi-Fi 6 access points with the latest WPA3 Wi-Fi encryption for secure connectivity, and network management software, for centralised network management - all whilst reducing operational costs.

“Use a good router with a built-in SPI firewall and port blocking,” adds Davis. “For further protection, some routers feature IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems).”

Gary Cox, Infoblox

Simple, segmented, and secure — experts agree that a well-structured network is often the best deterrent.

“SMEs should design a simplified but segmented network architecture that isolates critical systems from less secure parts of the network,” says Beuchelt. “Key elements include strong identity governance, including robust multi-factor authentication (MFA) and strict password policies. This permits the adoption of a Zero Trust model — ideally with continuous verification.”

Morin, too, recommends segmenting the network and separating sensitive and proprietary data across the segments so that, in the event of a breach, the business can limit lateral movement and minimise the blast radius.

“Scan constantly and assess regularly. Like threat detection for active attacks, you should be constantly scanning your environment for vulnerabilities and remediating those that are in use in your production environments, have a known exploit available, and are of the highest severity,” adds Morin. “You’ll never be able to fix all vulnerabilities, so prioritising them properly is imperative. Also, you should conduct vulnerability assessments and penetration testing on a regular basis, if possible, to identify potential weak points.”

Meanwhile, Huang reiterates that security and simplicity should be kept in mind.

“Using VLANs to segment traffic between different departments and guest access, enabling WPA3 encryption on the Wi-Fi network and strong endpoint protection can all contribute to a more secure network. Adding a firewall gateway with built-in Intrusion Prevention System, Dynamic Web Content Filtering and Application Control provides an extra layer of security to your network. Having a network that can be centrally managed through software or hardware controllers can help to simplify tasks such as firmware upgrades, Wi-Fi password changes, VLAN settings as well as an instant overview of the live usage and health of the network,” says Huang.

Indeed, controlling who can access what, and when, is foundational to network security — and often overlooked.

“Role-based user accounts, multi-factor authorisation (MFA), and enforce strict policies designed around Zero Trust Architecture,” says Davis. “Minimise worker access to internet and network resources to only those needed for the job role.”

“Effective access control involves a combination of MFA, role-based access controls (RBAC), and periodic reviews of user privileges,” adds Beuchelt. “This ensures that sensitive data is only accessible to authorised personnel.”

Morin adds a tactical note: “take a look at your access requests. How many accounts haven’t been used in the last 30 days? How many granted accesses have authenticated users not used in the last 30 or 60 days? Unused accounts and excessive, unused permissions should be removed – otherwise, they are unnecessary risks that could be misused by an attacker. Review access regularly.”

Whitley asserts that identity security is a key underpinning of a good cybersecurity strategy. Ensuring that companies big and small start with the approach that preventing unauthorised users from accessing corporate resources is key.

“Many data breaches are as a result of accidents by people, or by well-meaning staff falling foul to a phishing attack. For this reason, ensuring that staff only have access to those resources they need help prevent accidental or malicious breaches, and where these breaches are not prevented, they will nevertheless mitigate the worst consequences,” notes Whitley.

Eyes on the horizon

Network threats aren’t standing still — and neither can we.

“The only thing we can be certain of is that threats continue to evolve. Unfortunately, the money made by bad actors mean they will have considerable resources to keep looking for ways around defences,” highlights Whitley. “For this reason, the key is to be constantly vigilant. Even when you think you have strong defences constantly monitor them and ensure your managed service provider is doing the same.”

Beuchelt believes that emerging trends such as AI-driven threat detection, Zero Trust architectures, and enhanced cloud security are shaping the future of network defense.

“Businesses, especially SMEs, should keep abreast of these technologies and continuously update their security strategies and staff training to stay ahead of evolving cyber threats,” notes Beuchelt.

Cox agrees that “AI-powered threat detection and Zero Trust security models are no longer just for the enterprise end of town. SMEs should take note – these technologies are becoming more accessible and can help spot and stop threats before they do damage, particularly when coupled with AI and real-time threat monitoring. DNS-based security plays a key role here, offering a lightweight but powerful way to enforce policies and gain deeper visibility into network activity. You can’t stop what you can’t see, and DNS provides the eyes and ears businesses need to increase their resilience and safeguard their perimeters.”

“AI and large language models (LLMs) are becoming more prevalent both in cyberattacks and security tools. Defenders must be able to use AI-enabled security tools to expedite their workflows and defend against AI-powered attacks,” recommends Morin.

The overwhelming message from experts? Don’t wait.

“Don’t just take these steps now – do them consistently,” says Morin. “Regular security audits and employee training will foster a culture of security awareness.”

Whether you’re securing a single-office SME or a multi-site enterprise, the fundamentals are the same: visibility, segmentation, access control, and rapid response. As technology evolves and threats escalate, these pillars will be the foundation on which cyber resilience is built.