Secure Service Edge works with a variety of network configurations. Is it right for yours?

By Chris Alberding & Evin Safdia

On the heels of another record number of cyberattacks in 2022, including an alarming 13% increase in ransomware attacks, according to a Verizon year-end report, shielding an organization from this very real and escalating risk requires protective measures that work across network configurations out to the network edge, even as the contours of that edge shift. It takes defenses that are as sophisticated, persistent, and adaptable as the would-be attacks and attackers themselves, without requiring or excessively relying upon specialized security talent. Security Service Edge (SSE) fits that profile.

Q-1: What is SSE?

SSE is the security portion of the SASE (Secure Access Service Edge) architecture, which converges networking and security. SSE converges an organization’s disparate cybersecurity capabilities into a single, cloud-native software stack that protects all enterprise “edges” – sites, users and applications – worldwide. More specifically, SSE includes:

  • Secure Web Gateway (SWG), which defends users against phishing attacks and malicious websites.
  • Firewall as a Service (FWaaS), which provides end-to-end traffic segmentation, restricting access to locations, applications and resources.
  • Zero Trust Network Access (ZTNA), which ensures secure remote access to applications on-premises and in the cloud for every user, device and location.
  • Cloud Access Security Broker (CASB), which controls access to cloud applications, extending enterprise security policies to the cloud and enabling regulatory compliance.
  • Next-Gen Anti-Malware (NGAM), which protects connected sites, cloud resources and users against known and unknown malware.
  • Managed Detection & Response (MDR), which offers ongoing network monitoring and alerting on compromised endpoints.
  • Data Loss Prevention (DLP), which prevents sensitive data and information from leaving the organization, while complying with industry regulations.
  • Intrusion Prevention System (IPS), which monitors network traffic and blocks malicious content, providing protection against a range of cyberthreats.

A managed service provider can seamlessly maintain the SSE engine, keeping it current against new threats. And the engine operates at line rate regardless of traffic volume or whether the traffic is encrypted, traditionally a major problem for security appliances.

Q-2: Which types of cyberthreats is SSE designed to protect against?

SSE defends enterprises and their networks against anomalies, threats and sensitive data loss. That includes phishing, malware, ransomware, data theft, and other forms of unwanted access to locations, applications, and resources.

Q-3: What kinds of enterprises are a good candidate for SSE and why?

SSE is for any organization that wants to improve its risk posture and reduce operational overhead, which is to say it’s for everyone. By converging security capabilities, SSE provides deeper security insight than is possible with the traditional patchwork of security appliances. And it’s all maintained by an SSE provider, not the enterprise itself.

Q-4: What’s the business case for SSE? What are the benefits?

SSE protects the complete organization – users, sites, and cloud resources. As such, organizations like SSE because it:

  • Establishes a global fabric of enterprise-level security connecting all network edges into a unified security platform, enabling consistent policy enforcement.
  • Readily scales with business demands and the network.
  • Provides line-rate inspection of all traffic, scaled vertically and horizontally, even when traffic is encrypted.
  • Reduces IT workloads as a self-maintaining service.
  • Fits into any existing network topology, allowing SSE to be adopted gradually.

Q-5: How is SSE different from SASE?

As the security portion of SASE, SSE is independent of the connecting device. Third-party SD-WAN devices, firewalls, or any IPsec-capable device can connect to SSE. With SSE, organizations can benefit from cloud security without impacting their existing network infrastructure. Because of that, SSE is viewed as a seamless migration path to full SASE (with SD-WAN) architecture, if and when an organization is ready.

Q-6: What’s the SSE implementation process like? How easy is SSE to implement?

SSE can be deployed very rapidly without disrupting network operations. In many cases, organizations can be up and running in days. No need for extra hardware to be shipped and installed, or excessive operational overhead.

Q-7: Who manages the various moving parts of SSE? Is that something our organization’s IT department does internally, or can day-to-day management be outsourced?

SSE usually comes as a managed service, which is good news for organizations and their IT and security teams, many of which are running extremely lean. As a single-vendor managed solution, SSE relieves organizations from the burden of integrating, configuring, implementing, monitoring and managing multiple layers of security themselves. Instead, they can hand these responsibilities over to the cybersecurity experts providing the service. Organizations with skilled security experts may opt to select an SSE provider that enables them to co-manage the security policies via a user portal.

With this unique combination of advanced cybersecurity capabilities and turnkey management, it’s no wonder that by 2025, according to Gartner, 80% of enterprises will adopt a strategy to unify web, cloud services and private application access from a single vendor’s SSE platform.

Chris Alberding is Senior Director for SD-WAN and Security at Windstream Enterprise (https://www.windstreamenterprise.com/). Evin Safdia is the Director of Product Marketing for the Americas at Cato Networks (https://www.catonetworks.com/).

The post SSE Decoded: Answers to Your Questions About Secure Service Edge appeared first on Cybersecurity Insiders.

Cyber threats have already plagued January of 2023, causing organizations to invest more than ever in protective measures. The average cost of a data breach in 2022 was $4.35 million, and ransomware attacks cost organizations an average of $4.84 million, which does not account for the personal losses some cyber attacks have caused. Email attacks continue to pose a threat to businesses as well, totaling a loss of $2.1 billion in 2021. However, preventative measures have become more accessible for companies to use.

Safer Internet Day, celebrated on February 7 this year, works to raise awareness of threats and how to prevent them. Experts find that implementing cyber hygiene measures can protect individuals and organizations from threat actors.

Below, we asked some leading experts in cyber security what they recommend as best practices to protect against cyber threats.

Aaron Sandeen, CEO and co-founder, Cyber Security Works (CSW)

Organizations should use Safer Internet Day as a reminder to improve their cyber hygiene procedures and add cutting-edge solutions to their toolkit. Our reliance on the Internet has increasingly exposed us to risk over the past few years, so we must now implement strict security measures to protect connected people and businesses.

Threat actors are always searching for new entrance points into organizations and ways to disrupt their operations. Specifically, ransomware groups are always changing and creating new methods faster than security experts can close holes. As a result, businesses are rushing to control their attack surface and patch security vulnerabilities.

For organizations to practice safer internet use, they must implement proactive security. Before a risk is taken advantage of, a company needs to be aware of the assets it may have that could constitute a danger. Fortifying your defenses requires prioritizing vulnerabilities and applying priority patches after determining how vulnerable your company is to an attack.

Arti Raman, CEO and founder, Titaniam (she/her)

Safer Internet Day is the perfect time for individuals to reinforce cyber hygiene and for organizations to add innovative technologies to their security toolbox that help minimize the impact of ransomware attacks.

For end users, a safer internet experience involves good cyber habits such as utilizing encrypted password managers, setting up multi-factor authorization on accounts, and cloud backups, all of which deter threat actors. Further, individuals should refrain from sharing personal data with third parties unless absolutely necessary, since this data can be sold and end up in the hands of cyber criminals who eventually use it to compromise identities and take over online accounts.

For businesses that store and process end-user data, keeping it safe from cyberattacks can be a little more complicated. Looking to the year ahead, Titaniam’s latest survey report, the ‘Enterprise Security Priorities for 2023 report,’ shows that 41% of surveyed security experts expect large companies to be the top target in 2023 for cyberattacks.

We recommend organizations take three important steps to keep customer data safe. First, request and retain only the bare minimum of customer personal data. Unnecessary additional data creates additional cyber risk. Second, deploy a strong identity and access management program to ensure that sensitive data is available only to those who truly require it to do their jobs. Finally, utilize a modern data security platform to implement strong data security controls such as encryption at-rest, in-transit, and most importantly, encryption-in-use.  Encryption-in-use technology ensures files remain undecipherable and unusable to bad actors even if they break through perimeter security infrastructure and access measures.

Organizations and users can celebrate Safer Internet Day by implementing these security measures to prevent ransomware attacks and fully utilize modern encryption technology.

Richard Bird, CSO, Traceable AI

To achieve a truly safer internet, we have to stop relying on 20 year old security practices that were born in data centers that clearly do not work in the highly distributed compute world we live in now. The internet depends wholly on encryption standards that were introduced more than 20 years ago, account and password constructs that were first originated in 1961 and other aged security approaches that have zero effect against ransomware and social engineering.

Something to consider about ransomware is that at its core, it is an identity security failure. Hacking is simply being someone you are not in order to get something you shouldn’t have. Ransomware hackers take that a step further to either lock down the things they shouldn’t have had access to or by just simply taking those things. Mastering the basics of identity security can and will dramatically reduce the success of ransomware.

Javed Hasan, CEO and Co-founder, Lineaje

In order to build a safer Internet in 2023 and beyond, organizations will need to realize that software that is not built securely cannot run securely. With more than 70% of modern software dependent on open source and third-party components, software developers cannot deliver secure software to customers without formal software supply chain management. This realization, and the increasing tampering of popular open source and commercial software packages, will drive an intense focus on ‘what’s in the software?’ and ‘how good is it?’

To work ‘together for a better Internet’ like Safer Internet Day’s theme touts, CIOs, CISOs, developers and other software producers and securers will need to take the time to educate themselves on what securing a software supply chain truly looks like. A lot of IT and security professionals today only have a high-level understanding, or simply regurgitate what they’ve heard or read publicly. Safer Internet Day should serve as a reminder for security and IT professionals to take the time to deepen the depth of knowledge on software supply chain security and enlist the help of security tools that can assess the entire software catalog to identify and mitigate any risks that could lead to an attack.

Dalia Hamzeh, Security Strategy and Transformation Manager, Progress

To be successful at fostering a security-first culture in any organization, you need to help your employees better understand security practices at home, too. Think about a person who regularly wears their seatbelt while driving their own car. That behavior doesn’t change when they are in the passenger’s seat of a friend’s car or if they are driving a rental. Putting their seat belt on is habitual. Well, the same goes for security awareness. For security teams to succeed at creating a Safer Internet Day every day, they need to be mindful of focusing on behaviors in relation to their personal lives.

So, how do you put this in practice? If you are looking to train your employees on how to spot a spoofed website, train them by using the example of globally popular online shopping sites. They may pay closer attention to the advice but will use it to protect their corporate data too. SANS.org and StaySafeOnline.org are both great resources organizations can leverage for awareness materials.

The post Cybersecurity Experts Provide Insights for Safer Internet Day appeared first on Cybersecurity Insiders.

October is the official month we dedicate to raising awareness around cybersecurity, and this year’s theme asks everyone to “see yourself in cyber,” meaning everyday people are at the heart of keeping our digital world safe. Although the topic of cybersecurity appears complicated and esoteric, each and every one of us can contribute in some way.

Below, cybersecurity experts share advice on cost-effective cybersecurity policies, backup and disaster recovery techniques, diversity in security teams and more to commemorate NCSAM this October.

Gal Helemski, CTO and co-founder, PlainID

Adversaries have become increasingly effective in their phishing campaigns as of late and thus this National Cybersecurity Awareness Month, it is critical that organizations reinforce all security infrastructure. When an internal breach occurs where networks are compromised, identity remains the priority challenge. Organizations must adopt a “Zero Trust” approach, which means trusting no one to begin with – and revalidating the identity is approved for access at every stage, based on context.

Building a strong defense is fantastic and much recommended as a layer for staying protected against adversaries. However, once a user is compromised, especially one with administrative credentials, they are already in your network and limiting movement is key to avoiding continental damage and risk. This month, organizations should focus on educating against phishing attempts, and investing in an identity first approach as a fundamental concept for cyber security defense.

Aaron Sandeen, CEO and co-founder, Cyber Security Works 

Ransomware and other cyberattacks have been used in a variety of ways throughout the year, underscoring the attackers’ growing technological sophistication and the threat to businesses throughout the globe. Seemingly enough, cyber-attacking groups are typically successful when they are one step ahead and can exploit system flaws. This Cybersecurity Awareness month, IT leaders must challenge themselves to expand their cybersecurity visibility of known and unknown assets.

The way for corporations to prevent cyberattacks is through proactive defense. There are already 13 CISA-known exploitable vulnerabilities that need patching by the end of October 2022. One of the steps that businesses can take to avert disaster is to patch the vulnerabilities that threat groups and attackers exploit. Understanding how vulnerable you are to ransomware attacks and monitoring your security posture through continual vulnerability management and proactive penetration testing is essential to fortifying your defenses, especially when new hacking organizations arise.

Konrad Fellmann, CISO and VP of IT infrastructure, Cubic Corporation

“We are living in a time where every person and business is vulnerable to cyber threats. Mass transit agencies are no exception—in fact, they are appealing targets simply because, as part of the critical infrastructure, they help U.S. commerce and cities to run. If a transit agency is shut down and we can’t move people or goods, the criminals claim victory.

Another top goal for malicious hacks on transit agencies is getting a ransom paid. This is why we consider ransomware to be a significant threat. It’s also why we’ve seen cyber liability premiums rise nearly 300 to 400% over the past couple years. The good news is, while most transit agencies already had some cybersecurity measures in place, the new regulations put forth by the TSA are helping to further establish a standard for security in the transit sector. Additionally, programs like National Cybersecurity Awareness Month are effective at helping to educate everyone on proactive measures for preventing breaches.

To that end, Cubic’s number one priority is maintaining the trust, security and privacy of our customers, their patrons and data. We are very focused on ensuring data protection and supporting the use of security best practices across everything we do. For example, we certify to industry standards such as the Payment Card Industry Data Security Standard (PCI-DSS) and ISO 27001 in order to ensure and verify the effective implementation of strong security controls. We also maintain close working relationships with multiple cyber industry associations and government agencies to stay aware of ongoing trends and gather threat intelligence to continually improve our security posture.”

Arti Raman, CEO & founder, Titaniam

“It is our job as cybersecurity professionals to have everyday processes and systems in place and running smoothly so that our data remains secure. However, as hard as we work, bad actors work just as hard and are constantly trying to beat the systems and processes put into place.

In honor of National Cybersecurity Awareness Month, I want to highlight how the human element of cybersecurity is often overlooked. The human piece is thought of as a weak link in every enterprise’s security posture, and while it may be true, it can also be a source of power. If we put ourselves in the shoes of others, we can take a moment and reflect on how we would react and respond. When it comes to any of these breaches we have seen recently, it is important to extend empathy to all those involved, and not blame, but rather come together on how we can build stronger protections and alliances against these cyber criminals.”

Richard Barreto, CISO, Progress

“Strong and unique passwords are first-in-line in any organization’s defense to a network compromise or data breach. Three quarters of Americans are frustrated with the overwhelming number of passwords they need to remember, and the average user has more than 90 online accounts that require credentials. Furthermore, developers are also responsible for maintaining secret keys. To avoid the impact of compromised credentials, it is imperative security teams provide employees and development teams resources to “self-serve” the set-up of a password manager and highlight the benefits of using one. A password manager can help users identify a spoofed website (they will only auto-fill a password to a site’s URL it recognizes) and is a great selling point to many employees. Lastly, if your organization’s budget allows it, prioritizing an enterprise license for employee use is a great ROI in defending your first line.

Similarly, many recent high-profile breaches have been the result of successful phishing attacks or the malicious use of multi-factor authentication (MFA). Things like preparing employees with how to handle MFA fatigue or deploying a phishing simulation program are easy ways to keep your teams engaged and alert. To initiate measurable change within your organization, training and communication efforts should be consistent and not only focus on behaviors for employees to follow at work but also help protect them at home too. Employees who are more conscious of security best practices in their personal lives will exercise those same precautions at work. Finally, one of the most important actions every organization can take is to create a culture where reporting security concerns is encouraged and praised.”

Raffael Marty, EVP and GM of cybersecurity, ConnectWise

“The workplace has undergone an evolution in recent years. The added complexities of new technologies such as BYOD and the continued penetration and adoption of SaaS applications, combined with the overnight shift to work from home practices and constantly changing regulations, have left many businesses struggling to keep up. All the while, the increased threat of cybersecurity attacks looms over businesses, with over three-quarters of Small and Medium sized Businesses (SMBs) reporting that they have been impacted by at least one cyber attack in 2021.

Having solid cyber security policies is critical for all organizations in today’s digital age. For SMBs who lack the expertise and resources in-house to defend themselves against threats, the risks can be difficult to manage. Gone are the days when SMBs were considered “immune” to cyberattacks. For these organisations, partnering with a Managed Service Provider (MSP) makes it possible to protect their systems and data from an attack.

No matter the security products and services a business consumes, there are four cost-effective elements that every business needs to implement to ensure success:

  1. Incident preparedness: It’s not if but when an attack will occur. Being prepared for the possible incident is key. The ability to swiftly react to an incident can make a significant difference to business operations. Understanding points of contact, process owners, and decision makers in the case of an incident will assist in quickly containing a threat and bringing the business back operational.

  2. Patch management: Patch management may seem complicated, but it really isn’t. Whether done manually or with a solution, software updates and patches should be promptly installed – not just on laptops and servers but also on firewalls and other network devices such as routers, APs and office equipment.

  3. Password hygiene: Whilst often taken for granted, passwords are the first line of defense against malicious activities in the digital space. Using different passwords for different sites and services, regularly changing passwords, and implementing Multi-factor authentication (MFA) where possible, is key.

  4. Backups: To have and to test from this day forward. Not only do organizations need to test their backups regularly to ensure they work, but they should also be stored offline on a regular basis.”

Christopher Rogers, technology evangelist at Zerto, a Hewlett Packard Enterprise company

“A lot has changed in the 19 years since October was first recognised as National Cybersecurity Awareness Month (NCSAM). With the risk of ransomware attacks now greater than ever before, the significance of cybersecurity protocols — for both organizations and individuals — cannot be overstated. This Cybersecurity Awareness Month offers the opportunity to examine our own internet security habits and ensure that the correct infrastructures are in place to handle the ever-present threat of a cybersecurity attack.

However, now that the question of a cyber attack is not if, but when, organizations must be prepared for not only the attack itself but also, arguably more importantly, the recovery. Businesses need backup and disaster recovery plans that ensure that they can recover quickly and minimize disruption and data loss — limiting downtime and restoring operations in a matter of seconds or minutes, rather than days or weeks.  When it comes to cybersecurity, protection alone is not enough, and a recovery plan should be an essential part of every cyber strategy.”

Jeff Sizemore, chief governance officer at Egnyte

“In today’s hybrid work environment, companies across business disciplines and industries are navigating increased cyberattacks and rapidly-evolving data privacy regulations amid explosions in data volume and usage. Unfortunately, many organizational stakeholders do not understand how to properly secure and manage their mission-critical data.

This Cybersecurity Awareness Month and beyond, organizations should take proactive steps to enhance cybersecurity, such as updating incident response plans, prioritizing company-wide cybersecurity awareness training, and limiting access to critical data on a ‘business need to know’ basis. It’s time that cybersecurity is no longer considered to be an optional budget line-item. Cybersecurity is not just something that highly regulated industries or critical infrastructure need to be concerned with; today’s environment has made this a necessity for all organizations, no matter the size or tenure. By further educating employees and executive management on the importance of data security and governance, companies can be better protected against potential threats like ransomware.

Finally, organizations should put technology on their side to provide a single source of truth for all structured and unstructured data. Not only does this enable secure file collaboration, but it allows companies to better understand where their data lives, how it’s used, and who has access to it.”

Surya Varanasi, CTO, StorCentric

“As an IT professional, CyberSecurity Awareness Month reminds us how critical it is to continuously educate yourself and your workforce about the malicious techniques used by cybercriminals, and how to practice proper cyber hygiene in order to decrease potential vulnerabilities.

Today, the process of backing up has become highly automated. But now, as ransomware and other malware attacks continue to increase in severity and sophistication, we understand that proper cyber hygiene must include protecting backed up data by making it immutable and by eliminating any way that data can be deleted or corrupted.

An Unbreakable Backup does exactly that by creating an immutable, object-locked format, and then takes it a step further by storing the admin keys in another location entirely for added protection. Other key capabilities users should look for include policy-driven data integrity checks that can scrub the data for faults, and auto-heals without any user intervention. In addition, the solution should deliver high availability with dual controllers and RAID-based protection that can provide data access in the event of component failure. Recovery of data will also be faster because RAID-protected disk arrays are able to read faster than they can write. With an Unbreakable Backup solution that encompasses these capabilities, users can ease their worry about their ability to recover — and redirect their time and attention to activities that more directly impact the organization’s bottom-line objectives.”

Brian Dunagan, vice president of engineering, Retrospect, a StorCentric Company

“CyberSecurity Awareness Month is a great reminder that we must remain vigilant and always be thinking about how to handle the next wave of cyberattacks. While external bad actors, ransomware and other malware, are the most common threats, malicious or even careless employee actions can also present cybersecurity risks. In other words, it is virtually a given that at some point most will suffer a failure, disaster or cyberattack. However, given the world’s economic and political climate, the customers I speak with are most concerned about their ability to detect and recover from a malicious ransomware attack.

My advice to these customers is that beyond protection, organizations must be able to detect ransomware as early as possible to stop the threat and ensure their ability to remediate and recover. A backup solution that includes anomaly detection to identify changes in an environment that warrants the attention of IT is a must. Administrators must be able to tailor anomaly detection to their business’s specific systems and workflows, with capabilities such as customizable filtering and thresholds for each of their backup policies. And, those anomalies must be immediately reported to management, as well as aggregated for future ML/analyzing purposes.

The next step after detecting the anomaly is providing the ability to recover in the event of a successful ransomware attack. This is best accomplished with an immutable backup copy of data (i.e., object locking) which makes certain that the data backup cannot be altered or changed in any way.”

Gunnar Peterson, CISO, Forter

“In the cybersecurity world, there is a quote that ‘defenders think in lists, attackers think in graphs.’ It means that an adversary’s ability to find unexpected connections gives them the upper hand over those defending the system. After all, attackers are known for thinking outside of the box, which is why complex passwords and multi-factor authentication (MFA) by themselves do not solve the rising data breach numbers. To respond, defenders need to think differently.

National Cybersecurity Awareness Month also coincides with Dyslexia Awareness Month. On the surface, it may seem like the two aren’t related. However, neurodiverse individuals are a huge asset to security teams, bringing unique perspectives to problem-solving and breaking the cycle of group think. Seeking out neurodiverse teammates in hiring, and recognizing and building around their strengths can be a vital asset to anticipating an adversary’s moves and uncovering potential solutions to problems before they arise.

This is a growing challenge for certain organizations, and I hope this month is a wake-up call for security managers to widen the aperture in ways of working and dismantle the systems that are set up to develop and reward cookie-cutter operators. Neurodiversity is a security strength and we should collectively work to foster a more inclusive industry for everyone.”

Kathryn Kun, director of information security, Forter

“The legend of the ‘skills gap’ has been permeating the cybersecurity industry for quite some time. More and more technical leaders in the last few years have questioned whether or not it exists. Research seems to say yes, with industry analysts predicting that the digital skills gap will leave about 85 million jobs unfilled by 2030, but it doesn’t paint a complete or accurate picture. In all actuality, the skills gap is just a recruiting gap, where companies fail to look beyond limiting job qualifications or the usual candidate pools to include individuals with not-so-traditional backgrounds that could have given them desperately needed skills.

In fact, my own path to security was unorthodox. I have degrees in philosophy and chemical engineering; and spent the majority of my early career without ever considering a role in cybersecurity. But it’s precisely the skills I mastered in these disciplines that have helped me carve out a place in information security.

In honor of this year’s National Cybersecurity Awareness Month theme, ‘See Yourself in Cyber,’ I would like to encourage company leaders to think outside of the box and see how other job roles such as librarians, educators, sales and communications professionals, HR and civil service workers and more could fit into the security field. Because as long as we keep hiring from a limited perspective and one-size-fits-all resumes, we will continue to do the greater cybersecurity industry a disservice. Examining what skills we need to hire for, and focusing on where else we can find those skills will only strengthen our ability to fight against adversaries.”

Carl D’Halluin, CTO, Datadobi

“Orphaned data, or data that lives in an organization’s network but was created and owned by a now deactivated employee, is a major problem that almost every enterprise across all industries is facing. Holding onto data that isn’t owned by anyone, and that IT leaders have no visibility into, can introduce major risk to a company because of the data’s unknown content. This National Cybersecurity Awareness Month, IT leaders should focus efforts on managing their unstructured data to eliminate costly and risk-inducing orphaned data. We recommend that IT teams look for an unstructured data management platform with key capabilities. These include the ability to expose where orphaned data exists, search for and tag all of this data, and then take action to migrate or delete all orphaned data. With better visibility into and management of their data, organizations can stay secure this October and beyond.”

Richard Bird, chief security officer, Traceable AI

“Take a moment and consider how you operate in your analog (IRL) life when it comes to security. You wouldn’t leave a notepad with all of your important personal data, alarm codes and passwords in the middle of your yard. You wouldn’t spread your tax returns or health records out on the dining room table for all of your friends and visitors to see. Take the conscious lessons about personal security that you already know and do in real life and just simply apply that same level of attention to your digital security.”

Justin McCarthy, co-founder and CTO, strongDM

“The cybersecurity industry is constantly competing to stay one step ahead of adversaries. If the increased frequency of malicious hacks and breaches as of late teaches us anything, it should be that there’s risk associated with any use of infrastructure credentials. After all, we’re all human, and it’s easy to make a small mistake with potentially devastating consequences.

In honor of National Cybersecurity Awareness Month, I would urge CISOs and other security leaders to consider adopting modern security and access solutions that remove credentials completely from the equation. Doing so can give security teams peace of mind that login information can’t end up in the wrong hands. It also allows employees to focus on day-to-day tasks without worrying about potentially exposing themselves and the company to undue risk.”

Ralph Pisani, president, Exabeam

“In honor of National Cybersecurity Awareness Month, I wanted to share a few pieces of practical advice for organizations to reduce the risk of credential-based attacks and minimize damage if they do occur:

  1. Every employee is a target. Adversaries will often cast a wide net, so it’s important that everyone stay on guard and use complex passwords, recognize the signs of a phishing scheme and practice good cyber hygiene.

  2. Assume a breach has happened. In all actuality, your systems and employees have already been compromised; and your credentials have been compromised, stolen, and likely resold for future uses. What you need to do now is to detect these attacks at speed to minimize the damage.

  3. You can’t find abnormal until normal is known first. Establish a baseline of normal user behavior. Using behavioral detection analytics, you can understand patterns for every user, device and peer group to uncover what is beyond legacy detection capabilities.

Security teams are looking for the needle in the haystack, rather than the haystack itself. Taking the time to educate yourself about credential-based attacks and understanding normal user and device behavior can go a long way in bolstering your organization’s security posture.”

Amit Shaked, co-founder and CEO, Laminar

“In our multi-vendor, multi-cloud world, it has become more challenging than ever for companies to have visibility into where their data resides, who has access to what, and why. This has caused more than one in two organizations to experience a breach in the past two years, and thousands of sensitive data files to be extorted and leaked on the Dark Web.

With October being National Cybersecurity Awareness Month, I only have one question for security leaders:

Do you know where your sensitive data lives and do you have the tools and resources to manage it?

To safeguard against a majority of today’s data breaches, organizations must have complete data observability and adopt a data-centric approach to cloud security. After all, how can you protect what you can’t see? Prioritizing visibility helps security teams understand where an organization’s most sensitive data is, whether or not it has proper controls in place, if it is being monitored or not and reduces the risk of ‘shadow’ (unknown or unmanaged) data.”

MarKeith Allen, senior vice president and managing director of mission driven organizations, Diligent

In 2022, collaboration tools are more important than ever; however, we need to be sure that their security is not neglected as our reliance on them grows. Collaborative technologies are frequently used without restriction, creating shadow IT that enhances the danger of internal leaks when access privileges and security regulations weren’t strictly adhered to or enforced. As employees navigate their new hybrid or at-home working environments, a lack of consistently applied cybersecurity practices can follow and possibly lead to bad outcomes.

Open communication channels, such as Slack, messaging, and personal email, are excellent for informally exchanging information, but they frequently lack the security or access rights required for private discussions between executives, the board, legal, HR, risk, and compliance departments. Organizations require secure working conditions and workflows that enable them to transmit extremely sensitive information without fear of it being unintentionally diverted, forwarded, leaked, or even stolen. Additionally, the system must be user-friendly and practical so that executives stick to its workflows and procedures rather than straying to other systems and jeopardizing security. These actions go a long way toward reducing insider threats if they are taken.

Terry Storrar, managing director at Leaseweb UK

“This year’s National Cyber Security Awareness Month theme is “See Yourself in Cyber”, which aims to draw attention to the fact that, although cybersecurity is a complex subject, the human element is crucial.

“With the implementation of remote and hybrid work, basic cyber hygiene has taken a real hit in some organizations. Away from the office, employees are now far more likely to, for example, connect to unsafe networks, transfer corporate data to personal devices, or share unencrypted files. Threat actors are acutely aware of this trend and relentlessly taking advantage of these vulnerabilities.

“However, as concerning as these practices are, they are often relatively simple to fix. Standard security training for all employees is one of the most basic, yet effective methods an organization can implement. Yet, too many businesses are failing to safeguard their data in this way. In fact, a recent survey found that only 61% of employees reported being offered cybersecurity training by their employers.

“By offering appropriate training, companies can reduce the security risks that come from poor cyber hygiene and encourage good daily security routines for all their employees. At the end of the day, lack of education and human error are two of the largest contributors to data breaches. This National Cybersecurity Awareness Month, businesses should start thinking about making safeguarding protocols and cybersecurity training accessible for all employees”.

The post People Take Center Stage this National Cyber Security Awareness Month appeared first on Cybersecurity Insiders.

What are the most important areas for a CISO to focus on? When speaking to Aman Sood, it becomes clear that the job of a CISO encompasses every aspect of a business. Aman is the Head of Cyber Security with Jimdo, a website building platform that helps small businesses start, grow, and ultimately thrive online. […]

The post CISO Interview Series: The thinking of a CISO at the front end of the cyber threat landscape. appeared first on The State of Security.

The cybersecurity industry is growing at breakneck speed. This rapid growth brings new challenges, one of which is recruiting the right people to do the increasingly complex and demanding jobs. Companies have to explore new and innovative ways of recruiting security personnel and, generally speaking, assign the security department the strategic importance it requires.

Following his article on the talent shortage crisis, we had the chance to speak with Matt Donato, Managing Director of CyberSN, about the challenges of finding the right experts in cybersecurity as well as the opportunities for security experts in an increasingly dynamic environment.

 


The post Interview: Recruiting challenges in Cybersecurity first appeared on Cyber Insights.


Chatbots are one of the latest hypes in information technology. Quite a few websites try to leverage the cost savings and customer interaction improvements that chatbots and virtual assistants offer. However, those bots are often unsecured, and the potential for data breaches, manipulation or other mischief is big.

We had the chance to speak with Chaitanya Hiremath, CEO and Founder of Scanta, a company specialized in protecting chatbots and virtual assistants, about the risks and challenges of using bots. And, of course, what companies can do to protect them.


The post Interview: Why chatbots are a backdoor to company data and how to protect them first appeared on Cyber Insights.


This week, Russia approved the first vaccine against the coronavirus that causes Covid-19. Only a few weeks earlier, officials from both the US and the UK announced that a cyber attack originating from Russia was trying to steal Covid-19 related research. This example shows that cyber intelligence and even cyber warfare are no longer science fiction but very real.

We spoke with Prof. Panos Yannakogeorgos from New York University, who specializes in the geopolitical aspects of cybersecurity, about how cyber intelligence has evolved in the past. Also, we discussed the attack mentioned above and some reasons why it was made public, along with some outlooks on cyber intelligence for the future. Enjoy our video interview with Prof. Yannakogeorgos here:


The post Interview: Cybersecurity in a geopolitical context first appeared on Cyber Insights.


Bring your own device (BYOD) is a trend which has been surging in recent years, specifically during the first half of this year, due to circumstances. But what are the implications for a security strategy when employees bring and use their own devices for work-related tasks? Security company Bitglass asked companies about this, and we spoke with Kevin Sheu, Senior Vice President of Marketing at Bitglass, about BYOD in relation to security and the report.


The post Video: The impact of BYOD on security first appeared on Cyber Insights.


Diversity in Cybersecurity is a topic which, very often, seems to be neglected. Especially in light of the current talent shortage, our industry is well advised to change this fundamentally. Which is why we’re especially thrilled to have had the chance to interview Vandana Verma, whose initiative Infosec Girls aims to promote women in their careers in cybersecurity.

Cybersecurity Magazine: What was the motivation for setting up this community – could you single out a specific event or was that something you felt needed more support for a long time?

Vandana Verma: We started InfosecGirls with the idea of giving a safe space to women where they can start getting interested in the information security field, kick start their infosec career and be comfortable to integrate with the large infosec communities. The motivation behind setting up this community was bringing women to lead from the forefront and provide them a platform to explore and showcase their mettle in the field of Cybersecurity. There is an age old myth revolving that women can’t make a difference in the workplace whereas it has always been women bringing about the change in mindsets of mankind right from the mythological era. To burst the so-called myth with all the grace and glory was the intent and foremost motivation behind setting up this community.

Cybersecurity Magazine: The IT industry in general is not particularly known for its diversity – why focus on Information Security?

Vandana Verma: First, there exists a lot of diversity in IT although it has not been brought to book enough and has not received its due. Second, there can be no IT without the internet because all the data raw or processed cannot be used or churned without the same because data is the new oil. Hence protection of the internet should be the prima facie of all the businesses before anything else, hence safeguarding the same is what makes Information Security very important for one and all. To bring a change in the mindset of mankind by imbibing a Security acumen is the reason behind focusing on Information Security.

Cybersecurity Magazine: What can companies do to ensure more diversity in the IT industry?

Vandana Verma: To ensure more diversity in the IT industry organisations should handpick candidates with diverse backgrounds and acumen so that there can be enough business ideas and innovations flourishing in the organisation, thereby contributing to its diversified growth.

As a hiring manager, below are the things I seek from candidates, or that a hiring manager can look for in a candidate:

  • We should actively seek out people; a lot of amazing people are hesitant to accept their capabilities.
  • We should look out for people who have diverse educational backgrounds and are skilled enough to be in the organisation. We need to take diverse backgrounds into consideration.
  • We don’t need to lower our criteria for an interview; grill people the same way, as someone might write 6 months exp and say I am excellent. The other person might say that I have the same experience but I am average.
  • Extroverts would have higher chances of getting jobs; however, introverts might be equally skilled but unable to express themselves like extroverts.

Company leaders might feel like hiring a diverse workforce is impossible. But every hiring manager can make an effort to hire and retain the most diverse workforce possible for the company.

We should look for inquisitive minds for a Security acumen and make sure we preach about the benefits of being in the Security business enough to people so that they also are interested in making a career in the same.

Cybersecurity Magazine: In Germany, there is a discussion about enforcing a quota for women in leadership positions – will regulations like these help create a more diverse industry or possibly even hinder diversity?

Vandana Verma: I am not going to say anything on the regulatory systems, but one of the reasons people don’t put effort into having diverse teams is that not having diversity in a team doesn’t impact it at a level which could hamper performance immediately, but it helps in getting better results.

One of the arguments/points at certain places that I hear often is we are a merit based system, whosoever falls under merit, we will hire them because they have already proven themselves. But this is more like hiding from addressing the issue. Merit is good, people have put in a lot of effort and now they got the opportunity. But if we only give them the opportunity, we are only at a skill shortage. Only having the merit based system is leading to skill shortage. The people who are new and want to part, they are not getting opportunities to prove themselves. I understand and advocate for a merit based system always. Even the keynote I have been asked to do today is based on my experience or work and effort that I put in for the community.

One of the areas I work in and I like to keep myself busy is getting new people from various backgrounds to start in infosec and get comfortable in the community to learn and participate in all the forums. Merit is good but it’s restraining Diversity. First people need to start equality.

Cybersecurity Magazine: What can we as a society do to ensure more diversity in the infosec industry – should information security (not only for diversity reasons, but also in general) be taught in schools and colleges by default?

Vandana Verma: I would definitely second that the disparity traces its roots back to school. I have often heard people preaching that “Tech is for men and kitchen is for women”. On the contrary I have witnessed some unparalleled men in the baking business and women in the tech space. It has nothing to do with gender. It is not just women in particular but everyone in general who needs to be enlightened. Not much has been done about educating students about cybersecurity. I believe there has to be a separate program for bringing up cybersecurity awareness amongst the kids. The pros and cons of cyberspace need to be assimilated deep down into their roots right from the start. This is how we can make a change and our nation cybersafe. One more approach other than the awareness programs would be giving them exposure to unmediated scenarios in the form of games or challenges. This will catch their attention and make them brainstorm about the importance of security of their device and their data. This is how they would use their gadgets in a safe manner.

Cybersecurity Magazine: The infosec industry globally is male dominated – but there are obviously differences for every country. Does one country or region serve as a role model for other countries/regions? Which cultural differences across the regions make it harder (or easier) to ensure diversity in the long run?

Vandana Verma: We all know that women are underrepresented in the IT sector. In IT, a certain number of engineers graduate a year but there are only a few of them, and the number of women who join information security is even less. Now if I talk about India, as per one of the research, there are only 10% of women in IT. Now out of this 10%, we will find 0.5% in InfoSec that’s how the stats are more or less. The ratio in the security team is really dim and this is widely recognised.

On top of it, there are cultural differences around the world and these differences do influence the field. At the same time, balancing the family with kids, family taking out time for a meet could be a bit tricky. We as women always want to be 10 on 10. Everything is well at home, husband to be in the best space, child to have the best life which leaves very little space for ourselves to think about our own aspirations. Weekdays are hectic and weekends are even more hectic to think about anything else other than family.

To talk about role models, the field lacks female role models. How many Infosec Women Champions are there, especially when we talk about India? Only a handful of them. Role models do help in shaping up career, it doesn’t depend upon country or region or any geography.

Cybersecurity Magazine: What are your objectives for infosecgirls and what do you wish for pertaining to the future of infosecgirls?

Vandana Verma: It is a community which is always working hard to support, encourage and help infosec enthusiasts in all the possible ways. The core aim of Infosec Girls is to encourage women professionals and students to participate and stay in the field of Information Security.

We started infosecGirls with the idea of giving a safe space to women where they can start getting interested in the information security field, kick start their infosec career and be comfortable to integrate with the large infosec communities. We want to make sure the community is sustainable for the next 10 years.

We have More Chapters around the world

❖Host free conferences for the community

❖Encourage participation of candidates from unsung areas

❖Focus on educating underrepresented category

We are here to lead and stay.


The post Interview with Vandana Verma from Infosec Girls first appeared on Cyber Insights.


The Internet of Things will change our lives fundamentally, with billions of new devices connected to the internet. Obviously, the IoT needs adequate protection. In our interview, Don Boxley from DH2i explains why he thinks a Software Defined Perimeter is the best way to secure the IoT.


The post Video: Protecting the IoT Edge first appeared on Cyber Insights.
