Even though various malicious programs have been lurking in cyberspace before, the shift to remote working environments has strongly emphasized the importance of robust cybersecurity practices.
Some companies and individuals started to safeguard their devices and networks by installing professional security tools, while others even enrolled in security awareness training sessions. Unfortunately, such measures are not always enough to avoid cyberattacks.
So, we talked with the Founder and Co-Founder of Cyber Security Hive. Akram Khan and Maaz explain how penetration testing can help identify vulnerabilities, why it’s essential for all organizations, and what the most relevant cyber threats are today.
What was the journey like since your launch in 2018?
We started Cyber Security Hive in the year 2018. Both Maaz and Akram are school friends. We had a common goal and vision, and that’s why we started the company. Since then, there have been a lot of ups and downs. We still remember signing our first client at just breakeven cost, and I'm happy to say that they are still our clients. We like to say – once a client, always a client.
Can you tell us more about what you do? What challenges do you help navigate?
We at Cyber Security Hive provide end-to-end cybersecurity solutions, but our specialization is penetration testing and security operations center. There have been multiple magazines and articles written about us on the quality of service, reports, and client management we provide. Our security operations center helps our clients do defensive security and block malicious attempts to hamper the network and applications, or both.
How do you manage to keep your cybersecurity awareness training both educational and engaging?
Cyber Security Hive has identified multiple partners who provide intuitive security awareness content. For example, one of the partners provides us with 1-minute micro-videos; this helps our users watch these real-life example videos rather than whiteboard/animated content.
We also have a security awareness product in our product pipeline which will begin post-October 2022.
Since the pandemic uncovered cybersecurity gaps and flaws worldwide, what would you consider to be the main takeaways?
A lot of companies did not consider cybersecurity before the pandemic. During the pandemic, all the employees began working from home and cybersecurity became a critical aspect of protection. Companies wanted to divide their network into internal and external, set up firewalls, and perform penetration testing on networks and web applications.
- Always have a firewall, even if it is a 10-person company
- It is mandatory to have an endpoint solution deployed
- Set up your network infrastructure perfectly and perform regular pentests
- Always keep all the patches on the servers updated to the latest versions
- If you have a web application, perform penetration testing and remediate all the vulnerabilities identified. Do this once in 4 months at a bare minimum
- Set up blacklist rules on your firewall for any kind of brute force or DDoS attacks
- If you have over 10 employees, set up a security operations center
- Perform a phishing simulation on your employees to check the phishing rate of your organization
- Perform security awareness training programs to create awareness among employees on cybersecurity
Cyber Security Hive is an end-to-end cybersecurity service provider and will help you improve the security posture of your organization.
What types of cyberattacks are the most common nowadays, and how serious are they?
The most common type of cyberattack that is seen is phishing, which can happen irrespective of whether your company owns a product or not. It is often said: "the last line of defense in any organization is your employees."
If your employees have access to email, phone, or a computer, then your employees are susceptible to phishing, vishing, smishing, or USB drop attacks.
Your organization might have the highest level of security, but if the employees are not aware of threats, then there's always a risk of getting phished, vished, socially engineered, etc.
To remediate this common problem, always perform phishing, vishing, and smishing simulations. Also, after the simulations, it is essential to train the users on security awareness and test them again. It is recommended to perform these tests once every month or every quarter, depending on the budget.
In your opinion, which industries should take penetration testing more seriously?
Penetration testing is the bare minimum that an organization has to be compliant with just to close major vulnerabilities. Countries all over the world are making it mandatory for financial institutions. Clients are asking for penetration testing reports before they start an engagement with the organization. Development companies are partnering with cybersecurity companies to perform penetration testing on their applications before handing them over to the clients.
I would say penetration testing should be a mandatory norm and standardized, as functional testing is. Penetration testing would reveal all the vulnerabilities in the application. Specifically speaking, financial institutions, SaaS-based companies, data analytics, and, to generalize, any company that deals with data would require penetration testing.
Also, testing shouldn’t be limited only to the products/applications; the network is also something that companies should be focused on getting tested. You can resolve all the application-related vulnerabilities, but if the hacker can inject malware/exploit any vulnerability through your network, getting your application secured wouldn't make sense.
We at Cyber Security Hive are a penetration testing specialist company and have helped clients globally to perform different types of penetration testing across different ecosystems.
Besides regular penetration tests, what other security practices should be incorporated into every organization’s routine?
Apart from penetration testing, every company should have endpoint security in place on all their desktops, servers, and endpoints. We usually prefer Sophos endpoint solutions because it's one of the best for Windows, Mac, and Linux machines and it usually comes under the client's budget.
Along with endpoint security, it is also a good practice to set up a security operations center to prevent attacks from happening in real time, although setting it up and running the center is expensive for a small-scale organization.
Talking about individual users, what tools do you think everyone should look into to upgrade their cybersecurity?
I wanted to share some insights with people who want to get into the cybersecurity industry. CEH is not enough for you to get into an organization as a cybersecurity analyst. In fact, much more has to be done to crack a job in the cybersecurity industry – perform bug bounty programs, participate in capture the flag, and if possible, get yourself OSCP certified. This advice is also applicable to all freshers and experienced professionals.
Would you like to share what’s next for Cyber Security Hive?
Cyber Security Hive is slowly and steadily moving its focus away from services. Ideally, we would like to be the MSSPs for all the services we deliver.
In March, Cyber Security Hive is launching its next-gen vulnerability management platform, threatscan.io, which is AI-powered. It integrates with JIRA and Slack, reports zero false positives, has on-demand chatbot support and real-time human support, role-based access, and an industry-standard vulnerability scanning engine along with manual and business logic testing. Also, it gives you a threat score for your web application.
Currently, the Threat Scan supports only web applications, but we are soon providing functionality for network penetration testing as well.