What are some manageable solutions to help small- and medium-sized businesses (SMBs) address cybersecurity risks like ransomware?

Director of Marketing, 6 months ago

In my experience, small businesses don't always have sizable budgets and/or security teams to manage cybersecurity threats. With that in mind, here are several cybersecurity solutions that are technically and financially manageable for companies of all sizes:

1) A ransomware detection and response solution.
2) Snapshot-based data recovery that enables an organization to recover quickly from ransomware attacks, employee errors and technical issues.
3) Insider threat detection technology, to prevent potential data theft and exfiltration.
4) Technology that detects and blocks suspicious network logins.
5) Finally, the following items are extremely effective in reducing cybersecurity risk, and are available at the "cost of doing business":
   A) Separation of data, based on users' "business need to know."
   B) Effective access control policies.
   C) An updated (and effective) Incident Response plan, and
   D) Password update policies across all company devices and access points, including the company's WiFi network.

CISO in IT Services, 8 months ago

Unified security services like https://trust365.com 

Director of IT in Software, 3 years ago

With the rise of ransomware activity and its sophistication nowadays, it's not really if you get hit but when. I agree with most of the comments here to have a multilayered security approach, MFA etc. I will just add having a rock-solid backup and a process where you test the recoverability of the backup, so when you get hit you can recover fast and without data loss.

CISO in Software, 4 years ago

I think it's still the basics, such as:
· Multi-layered approach rather than a single product
· Cyber security training
· Prevent spread using network segmentation
· Prevent backups being compromised
· Strong passwords remain super important. We recommend at least 16 characters.
· 2FA/MFA is a must, but it's not a catch-all.
· A regular programme of network and system pen testing is important so that you find the weak parts of your network before the attackers do: you know, those test sites or infrastructure that were spun up without good security and not decommissioned
· Patching and up-to-date software on devices - the basics are still important
· Post-incident steps to make sure the ransomware is fully mitigated

Founder and CIO, 4 years ago

Build a relationship with a cybersecurity firm early on. I worked at a company some years back that got hit by ransomware. It was hard to bring everything back up and live through that, because we made the mistake of not having a relationship with a cybersecurity firm in advance. I think that's true for a lot of companies—they wait too long to establish a cybersecurity relationship, because they wonder, "Should we really spend this money?" But I think you should. In the future, I would definitely do that differently.
