Eric Dowsland, Herjavec Group: when it comes to targeting victims, hackers don’t discriminate
Cyber attacks on giant corporations quickly make the news, creating an illusion that only big enterprises get targeted by cybercriminals. However, that is very far from reality, with anyone having a chance to become a potential victim: from a child to a small business.
Online criminals are getting creative in their search for easy targets and new ways of obtaining credentials, information, and data. Yet, both individuals and corporations are often making things even simpler by following poor cybersecurity practices, such as using weak passwords and ignoring security patches.
Eric Dowsland, the VP of Customer Success for Herjavec Group, told us more about the tactics used by threat actors and shared what role the company has taken in offering sophisticated security solutions to customers globally.
Herjavec Group has been successfully providing security solutions for almost 20 years now. How did this project come about?
I’ll be the first to vouch for the fact that our CEO Robert Herjavec loves what he does, and that’s a testament to where Herjavec Group is today. He once said, "Give me a free afternoon and I’d rather go to work than race cars, play golf, or do anything else."
Before starting Herjavec Group, Robert had a technology company, BRAK Systems, which he sold to AT&T, as well as an IT company which he sold to Nokia. In 2003, Herjavec Group started as a vendor of CheckPoint firewalls in Canada. Cybersecurity is an industry that is constantly evolving, and Herjavec Group has done a great job evolving with it over the years. In 2005, we introduced Managed Security Services to our offerings, and everything started to snowball from then on. We quickly expanded into the US, then the UK, and now reach markets globally.
Just this year, we secured a huge investment deal with Apax Partners Ltd., and are supporting one of the most data-driven sports in the world as the Official Cyber Security Services Provider for Formula 1®.
Herjavec Group has grown to be one of the world’s most innovative cybersecurity firms, excelling in large, complex, multi-vendor environments, and we’re not done yet.
Apart from providing top-notch security, you also focus on social responsibility. Why did you choose to integrate this practice into your work culture?
At HG, we are always trying to find ways to nurture social responsibility. All of our employees receive community involvement days where they can choose to give back to the community. We support multiple missions in the areas of Healthcare, Education, Environment and Critical Human Needs. Recently, we donated over 600,000 pairs of socks to the Search & Rescue program at Union Gospel Mission. Currently, our Culture Crew at HG is examining different ways we can continue to give back to our local communities and we look forward to the initiatives to come.
October is also National Cyber Security Awareness month – our favorite month of the year because we get to focus on educating both individuals and companies on the importance of cybersecurity, especially in today’s ever-evolving technology-centered world. Safe internet practices and online hygiene are a part of social responsibility, too. Whether it’s using secure passwords and multifactor authentication on your personal social media platforms or providing accessible cybersecurity training and resources for all your employees, we all need to make sure we’re doing our part. Make sure to check out our website this month for more resources on how you can do your part to #BeCyberSmart here.
Did the pandemic somehow change the way you approach cybersecurity?
At the beginning of the pandemic, every business was in survival mode. Organizations had to navigate an overwhelming shift that forced them to make immediate decisions that their cybersecurity infrastructure was not prepared for. As a global community, we did well as IT departments were able to execute a quick transition.
Over a year into the pandemic, and cyber professionals are challenged with the task of catching up on the rapid digital transformations that the world undertook throughout 2020. Organizations had to go back to the basics: re-assess their security toolbox, evaluate their cybersecurity infrastructures, and look for stronger protections in the new digital landscape of their companies.
There’s also a global shortage of cybersecurity professionals – companies of all sizes are experiencing it. If we’ve learned anything since the beginning of the pandemic, it’s that cybersecurity has never been more important than it is today, and engaging a team like an MSSP provider as an extension of your enterprise is a great solution for the skills shortage crisis.
Cybersecurity isn’t a luxury, it’s a necessity that needs to be seen as a business driver.
Lately, there has been a lot of discussion about the importance of identity verification and management. What are the risks associated with poor identity management, and how can these problems be tackled?
The risks associated with poor identity management are endless - Identity and Access Management (IAM) is foundational for any cybersecurity program. It’s critical that your enterprise has strong policies, training, and programs that ensure only the right individuals are accessing the right parts of your system at the right time. How many ransomware breaches have been a result of compromised passwords and identities? That’s why we always say that no, your dog’s name or your daughter’s birthday is not a secure password! Ensuring your platforms have multifactor authentication and implementing an identity tool such as SailPoint, Okta, or Ping are simple ways to add an extra layer of security to your devices.
Today, with so many of us working remotely, we don’t have the same visibility we once did, and you can’t protect from and respond to vulnerabilities and incidents that you can’t see. A strong identity program is essential for gaining proper visibility of all endpoint users in your network. Creating a common and mutually understandable process and language of access between your IT team and all other business departments will reduce risks and improve your security posture to handle a growing digital footprint.
What are some of the most common tactics cybercriminals use? What industries do they usually target?
Ransomware attacks are becoming more frequent and sophisticated. It’s a fairly simple way for hackers to gain access to their target’s devices and information, and it can (unfortunately) yield huge results. All it really takes is clicking an unknown link or attachment in an email for an entire system to be infected. It’s also a method that thrives in chaotic and anxiety-ridden situations like the COVID-19 pandemic. They prey on fear and know people are working remotely on unsecured at-home networks. We’ve seen a huge increase in social engineering tactics that claim to have important information about a person’s health or finances, knowing that this is a common concern for many people.
And that’s just the thing – hackers don’t discriminate. Too many people and businesses think: “why me? Out of all the companies or people in the world, why would they come for me?” Unfortunately, I can confirm, threat actors have targeted every industry, company size, and level of personal wealth.
According to your research, 95% of ransomware attacks come through email. Are there any tips on how to spot a malicious email even if one does slip through the cracks?
If it sounds too good to be true, it probably is! Hackers are fantastic at making malicious emails seem legitimate. Trust your instincts, use common sense, and know there is no sexy woman in Russia dying to meet you, and you don’t have a long-lost cousin in Nigeria who wants to put money in your bank account if you provide them with your information! Know that a bank or a government administration will never ask you to share important or personal information via email or online. When in doubt – don't click or open anything.
Just the other day, our Herjavec Group team sent out a company-wide email, and within seconds we had dozens of employees reaching out to see if the link was legitimate or if it was a phishing email. Luckily, it was real – but it was great to see so many people on our team demonstrating awareness and caution!
If you receive something that seems even slightly suspicious, bring it to your IT team!
In your opinion, why do people still push cybersecurity to the background despite the recent rise in various cyber-attacks?
When people think of cybersecurity, they often see it as an IT problem and responsibility – a challenge or risk that only affects large organizations, but this isn’t the case. Like I said before, hackers don’t discriminate. They don’t care if you’re a 13-year-old on the internet, a small mom-and-pop shop, or a billion-dollar corporation. Cyber resilience is important for everyone.
The hard truth is cybersecurity is complex and can be expensive, but studies have shown that the cost of a cyber breach far outweighs the cost of prevention. As a business, you have an obligation to take care of your customers and employees, and that means doing your part to protect their data and personal information. This should include developing a security team that can build and manage a cybersecurity program that balances the technical components along with the user experience and stakeholder buy-in. This can be a daunting task, but you don’t have to do it alone! Engaging an MSSP, like Herjavec Group, is a fantastic way to make sure all your cybersecurity bases are covered with a comprehensive strategy and best-of-breed tools, so you and your team can focus on day-to-day tasks and business operations.
Besides ensuring security for companies, you also provide incident response and digital forensics to deal with the aftermath of an attack. Could you tell us more about the recovery steps?
We believe Incident Response and the following forensic component is essential to any cybersecurity program, and we customize incident response plans based on our client's unique and specific needs by bolstering their existing tools and processes with our state-of-the-art networking, discovery, and forensic tools.
Our flexibility provides a faster, more effective response. While we can provide remote triage and expertise across multiple security domains, we believe that on-site presence is critical to managing an incident, interacting with management, and ensuring the best outcome overall. Even when the incident is closed, we don’t just abandon our clients. When an incident occurs, Herjavec Group follows through on recommendations and supports our clients through the entire cycle of remediation, including forensic analysis of how the threat actor was able to breach the system and what they can do to ensure it doesn’t happen again. Our clients can rest assured knowing that their investment with HG can be leveraged for Incident Response support as needed or dedicated to additional Incident Response services, such as tabletop exercises and Incident Response planning.
Share with us, what’s next for Herjavec Group?
Our main goals at Herjavec Group are to expand and grow! We’re excited to be accelerating international expansion efforts, augmenting our talented team with additional threat and identity access & management resources and capacity, and further advancing HG’s proprietary platforms.
Selfishly, I’m also consuming my time with what our MSS customer experience feels like. We want to build tools and services that highlight the valuable performance and risk indicators our customers need to gauge their defensive posture and achieve their program goals. We want them to dynamically dive into the information and analytics we are seeing within our service delivery teams and let them not only interact with the engineers/analysts working their account, but interact directly with the data that allows them to make informed decisions on their budget, their resourcing, their goals, and more.
We have recently been acquired by Apax Partners Ltd, a partnership that has expanded our capacity to build on our recent growth and continue investing in our team and enhancing our service offerings as we work to be the industry’s top managed security services provider.