David Rickard, Cipher: a company’s first line of defense is its own users
Having to face the challenges of moving to remote work following a rising wave of cybercrime, organizations are finally beginning to learn the value of cybersecurity. But despite their best efforts, threat actors continue to invent new ways to cause damage. As the threats evolve, security teams that aim to stem the tide must also find new ways to stay on top of their game.
As organizations grow increasingly reliant on the hybrid workplace, protecting and managing sensitive data becomes an ever-pressing concern. With millions of cyberattacks carried out every single day, the question of becoming a target is no longer if, but when.
David Rickard, chief technical officer at Cipher, shares what organizations must focus on in order to avoid emerging cyber threats.
Cipher has been successfully providing security solutions for 20 years now. What was the cybersecurity scene like back then?
In 2000, cybersecurity was just starting to gain attention. The concept of even having a firewall was still relatively new, with commercially available packet filtering firewalls having made their first appearance only five years earlier. Then, the ILoveYou worm hit in 2000, infecting 10% of everything connected to the Internet, and costing around $15 billion in damages. The next four years brought dozens more. As a result, interest in cybersecurity grew.
Then, threat actors started to monetize their attacks, and the stakes got higher. Threat vectors multiplied, and botnets and trojans made their first appearances. Companies could no longer ignore their cybersecurity readiness.
You mention holistic risk management often. Could you tell us more about it?
Holistic Risk Management and Enterprise Risk Management consider all areas of business risk and seek to preserve the company’s value. It starts with understanding what the risks are, what their cost impacts could be, and then taking measures to protect the company from such losses.
Cybersecurity risk management is a part of that, along with physical security measures such as guarding, secure transport, alarm systems, access control systems, and surveillance. Cyber threats increase continuously; defense-in-depth, or a ‘belt and suspenders’ approach, is important. Continuous monitoring on a 24x7 basis is required to enable responses to cyber threat situations.
Did you notice any new threats arise as a result of the pandemic?
The advent of remote work introduced new risks and threats, primarily due to corporate network exposure to their employees’ home networks.
A home network can easily have 20 or more connected devices, many of them IoT, that have little or no administrative governance, giving bad actors an abundance of new threat vectors to exploit.
This gave rise to a renewed interest in carefully planned Endpoint Protection (EPP) programs, more secure communications methods, and enhancement of Acceptable Use Policies (AUP), including ways to enforce them.
Besides providing solutions for essential industries like healthcare or manufacturing, you also offer security services for gaming. Can cybercriminals take advantage of online entertainment, too?
Cyberattacks on entertainment platforms like Sony PlayStation and Qriocity ten years ago demonstrated that gaming platforms are a rich target for threat actors wishing to steal personal information about the participants.
The exfiltration risk for Personally Identifiable Information exists for gaming platforms the same way it does for any enterprise: Payment Card Information (PCI), Patient Health Information (PHI), and Personally Identifiable Information (PII) are very valuable commodities in the world of threat actors. As a priority, protecting a company’s data and uptime/availability must be taken into account.
Since cyberattacks are growing at an alarming rate, what can businesses do to avoid threats?
If businesses allow their employees administrative permissions on their laptops, i.e., they can install anything they want, they should realize that their risk levels are greatly increased. Likewise, permitting the use of personal web-based email from corporate assets negates efforts in Email Threat Protection (ETP). Cybersecurity Training and Awareness programs are necessary to all security programs: a company’s first line of defense is its own users.
The top three things that a company should focus on are keeping an up-to-date hardware inventory, up-to-date software inventory, and the creation/maintenance/administration of a viable vulnerability management program. In addition, design with defense-in-depth, enforce a least-permissions access control model and monitor continuously.
How do you think cybercrime is going to change as organizations start to take cybersecurity more seriously?
Threat landscapes evolve constantly and continuously. All software has bugs, and threat actors will continue to find creative ways to exploit them. Social engineering techniques evolve as well, especially as social media platforms continue to flourish. Cyber threats to national security, health, and safety are known to exist.
To not take these into account in the interest of preserving corporate value is to give away the keys to your kingdom, within which are your crown jewels. As seriously as organizations may take cybersecurity, threat actors are quite serious about finding creative new ways to exploit and steal value. As landscapes evolve, so must cybersecurity diligence be constant and continuous.
With many students coming back to school now, are there any security risks associated with online learning platforms?
Remote learning during the pandemic increased DDoS attacks on education platforms by 550%. Phishing attempts trying to trick users into giving away their credentials for online learning platforms increased over 20,000%! Adware and trojan downloaders associated with these kinds of activities are also common threats.
And finally, what’s next for Cipher?
Cipher’s integration with Prosegur (which acquired Cipher in 2019) is paving the way to start offering clients the ability to help them monitor their entire threat landscape – i.e., Physical and Cyber. We are building out a new combined Headquarters and Operations Center in Deerfield, FL, to house us both. Our offerings will heavily focus on leveraging our Prosegur Physical Security and Global Risk Security groups.
We are also continually collaborating with new partners to automate the People, Process, and Technology of the Cyber three-legged stool. Cipher is dedicated to ensuring we are offering the most effective and efficient solutions to protect our customers.