Category: This Week’s Gurus

As important as it is, cybersecurity awareness training might not seem like the most exciting thing in the world, but when it involves plots to rival your favourite network crime dramas, expertly crafted cinematography, and characters to root for? Naturally, it all feels a little bit different.  

Of course, we’re talking about the long-awaited return of KnowBe4’s network-quality video series The Inside Man. Back for its fifth season, the show, created and produced by Twist & Shout Communications (a KnowBe4 company) is now available to all diamond-level KnowBe4 subscribers.  

The Gurus were lucky enough to walk the red carpet alongside the show’s cast and crew last week at the Odeon Luxe Cinema, Leicester Square. A packed-out venue fit for an ambitious and industry-leading series that reunited some of our favourite characters. 

 

What To Expect This Season 

Season 5 of The Inside Man has big ambitions that echo, as always, real-world scenarios, genuine real-world threats, and plausible scenarios. If season 4 was a nod to 2021’s Colonial Pipeline ransomware attack, season 5 takes a stab at the more political side of cybercrime.  

The season’s antagonist, Cyrus, sums the season – and his intentions – up perfectly: ‘Money? You think this is about money? It’s about power… The power to know how people are going to react before they know themselves, to mould their thoughts, to shape their behaviour… The power to choose who wins an election, wins a war.’ 

Of course, this echoes similar themes that we see in the news frequently, with cyber influence operations becoming all the more common. In fact, just last year US military and intelligence officials announced that they were stepping up efforts to defend the electoral process from foreign influence.  

Whilst the show doesn’t go that far, it does dabble in using cyber influence to show the increasingly complex nature of highly personalised attacks. This season we find Mark, AJ, Fiona, Violent and Maurice approached by the security services to help fight against a remorseless adversary deploying vast resources of hacking powers to gain influence and power. From global corporation acquisition to insider threats within hospitals and healthcare, this is definitely the most eager (and high stakes) series of The Inside Man yet. 

Jim Shields, Creative Director of Twist & Shout Communications said: “In this season, we see many of these exciting plotlines finally come home to roost. Storylines for which we’ve spent two or three seasons laying the foundations. It’s powerful stuff, and the production team have excelled themselves as usual in bringing it to life. I’m unbelievably proud to be a part of this series.”   

 

Revolutionising Cyber Awareness Training 

For many years, KnowBe4 have been reshaping cybersecurity awareness. Perhaps the most obvious example of this is their willingness to invest in something truly different and, perhaps, revolutionary within its field. It’s clear that The Inside Man is an investment, with stunning sets, large productive value and 12-episode story arc. However, it pays off; the show has real, dedicated fans. In fact, three lucky superfans were invited to the premiere, with one having written a full-blown analysis of it. There’s nothing quite like it! 

“Security awareness training doesn’t have to be boring, nor should it,” says Stu Sjouwerman, CEO of KnowBe4. “‘The Inside Man’ is the most utilised training that KnowBe4 offers in the optional training category because it is highly captivating, and the production quality is more like a network-quality series than training.” 

What The Inside Man does so captivatingly is foreground the human element of cybercrime, with the adversaries not the stereotypical hooded hackers of yesteryear and our victims harrowingly human and relatable. From social engineering to passwords, to social media and deep fakes, this season of The Inside Man covers a lot of ground. Importantly, it reveals how easy it can be for an outsider to penetrate an organisation’s security controls and network. It’s awareness training that doesn’t feel like awareness training – and it’s not preachy either. 

 

The Verdict  

Season 5 of The Inside Man is well worth a watch. Whether or not you typically ‘enjoy’ cybersecurity awareness training, you can’t help but feel drawn to the show. It’s both educational and entertaining, and that’s pretty impressive.  

Education and awareness are at the heart of everything KnowBe4 does – and The Inside Man is no different, clearly. The Inside Man forces audiences to face safe (or otherwise) cybersecurity practises in an unusual (and rather fun) way. Ultimately, this passion project, beloved within its community, is something vendors should take notice of.  

You can watch the full series on The Inside Man microsite on the KnowBe4 platform if you are a diamond member. 

 

The post Back and Bigger Than Ever! The Inside Man Season 5 Takes a Stab at Power Hungry Adversaries appeared first on IT Security Guru.

Picture the scene: The office of a small but successful law firm is broken into. During the ensuing break-in, hundreds of documents relating to both employees’ and clients’ personal data are stolen and presumed available for sale online, including compromising personal information and financial data.

Following an investigation, it becomes apparent that the law firm did not employ basic security controls when attempting to protect their physical premises. No security system, no CCTV, and no “locked doors”, per se. As a result, the clients who once trusted this firm with their data begin a mass exodus, and the law firm find themselves in very rocky waters.

This analogy serves to illustrate a crucial point about the cybersecurity posture for SMEs (Small Medium Enterprises). Statistics show that small and medium-sized businesses are not exempt of being targeted by cyber criminals and can be equally, if not more, affected by an attack that could cause significant operational or reputational damage.

Small businesses are subjected to all types of cyberattacks, which include but are not limited to malware, ransomware, and data breaches. All these result in privacy, security, and operational risks. These attacks may also end in stolen funds, compromised confidential business information, and unauthorised access and disruption of day-to-day operations.

Cybercrime is growing alongside the increased use of the internet and business networks. Today, more than ever, organisations of all sizes rely on their networks, data, and internet connectivity to conduct business. Unfortunately, as a result, sensitive data, intellectual property, and personal information of small and medium-sized firms are targeted by an ever-increasing and sophisticated community of cybercriminals.

Fact is, small organisations, are just as much of a target in today’s cybersecurity landscape as the multinational enterprises who make the headlines.

 

The Automation Factor

Organisations of all sizes must come to terms with the fact that they are likely to be a target of a breach. Similarly to the global trend of businesses’ digital transformation to improve efficiency or to reach a new customer base, the uprise of Cybercrime is the result of digital transformation of traditional crime methods such as extorsion. Fact is, the weaponization of the 21st century criminal has become another market on its own right. Automated blanket attacks, ransomware-as-a-service offerings, widespread phishing campaigns, and other attack vectors have become part of a “business offering” far from the stereotypical ‘evil genius’ hacker extorting an organisation as an independent actor. Ransomware gangs go so far as to attempt to recruit malicious insiders, as it is growing to become a lucrative market in which there is much money to be made.

According to a McKinsey Global Institute report the internet’s economic impact has been greatest among “individual consumers and small, upstart entrepreneurs”. The internet provides a platform that allows even the smallest firms to have a global impact.

Forbes reported in March that small businesses are more frequent targets of cyberattacks than larger companies, often because cyber criminals assume they lack the necessary means to protect themselves. In the US alone, 60% of SMEs were out of business six months following a cyberattack.

As such, organisations are increasingly realising that the investment in cybersecurity platforms should be considered a cost of doing business, as attacks are now also affecting small businesses who are more vulnerable due to a lack of resources and awareness.

 

Best practices

As technology continues to evolve, the risk of cyberattacks becomes more extensive and complex, therefore it is crucial for small businesses to look into cybersecurity plans.

Leaders need to remember that, no matter how small they believe their own business operations to be, it will never be small enough to remain hidden from cybercriminals; particularly if their cybersecurity infrastructure falls short.

In today’s world, everything is interconnected and many small firms handle sensitive data or require remote access from their personnel. Therefore, security becomes an absolute priority. Failure to deal with it appropriately could mean significant damage on revenue due to service downtime, loss of brand equity and customer trust, professional indemnity, non-compliance issues, and at worst criminal proceedings.

Business leaders and security teams can work together to make smart decisions that improve overall cybersecurity cultures within their company. One of the considerations they should make is working with a specialized service provider that can protect their digital assets and business interests. An example of this is employing the right cyber security partner to provide sophisticated real-time risk management and bring actionable intelligence to the enterprise where and when it matters the most.

MDR Services available by a Cyber Security provider can protect data, assets and identities in real time, and detect, respond and prevent cyberattacks on a 24/7 basis. This takes the pressure off IT teams and leaders, allowing them to focus on their usual day-to-day tasks, while securing the business from internal and external cyber threats.

https://www.obrela.com/ 

 

The post Why is cybersecurity vital for small businesses? appeared first on IT Security Guru.