Gidi Cohen, Skybox Security: “critical infrastructure is increasingly under attack”
With more companies eager to prevent cyber attacks before they happen, many turn to exposure analysis to understand existing vulnerabilities and promptly fix them.
Preparing for and mitigating cyberattacks is the most proactive and working cybersecurity approach for companies. There are various preventative solutions on the market, with comprehensive exposure analysis standing out for its effectiveness. Skybox Security is a security posture management company that analyzes hybrid, multi-cloud, and OT networks in order to prepare a sophisticated attack vector analysis.
Skybox Security’s CEO and Founder Gidi Cohen shared with us what common misconceptions organizations have about cybersecurity, and why understanding their attack surface is essential for every enterprise.
Next year is going to mark two decades since the establishment of Skybox Security. What has your journey been like?
I am excited to be approaching our company’s 20th anniversary in 2022. What our global team has accomplished across nearly two decades as a leader in the cybersecurity industry is incredible. In 2002, I launched Skybox Security in Silicon Valley just after the dot-com bubble burst. We have always been centered around the importance of business resiliency.
During my service in the Israel National Security Agency (8200 unit), my passions for math, advanced software technologies, and tackling complex cybersecurity challenges were formed. This background inspired the invention of the first commercially available cyberattack simulation engine, introduced by Skybox in 2004 and made available to enterprise and government customers.
At Skybox, you emphasize the need to reduce complexity in managing cybersecurity. Can you tell us more about this approach?
Over the past few years, market forces have caused an inflection point in cybersecurity that requires a new proactive approach to mitigating risk. The pandemic accelerated digital transformation, including rapid cloud migration, to support remote workers. As a result, the attack surface has greatly expanded. Regulations have grown in complexity. Critical infrastructure is increasingly under attack.
Skybox Security is dedicated to providing continuous product innovations that identify and proactively remediate critical attack vectors ahead of an incident. We enable our customers to make security decisions based on actual exposure and potential financial business impact. We help customers achieve continuous compliance, no matter how complex their environment is.
Your most recent research focuses on the state of operational technology security. What were the key findings?
Our 2021 research found that 83% of organizations suffered an operational technology (OT) cybersecurity breach in the prior 36 months. Not only do enterprises rely on OT, but the public at large also relies on this technology for vital services, including energy and water resources. Unfortunately, cybercriminals are all too aware that critical infrastructure security is generally weak. As a result, threat actors believe ransomware attacks on OT are highly likely to pay off.
In addition, this Skybox research revealed that organizations underestimate the risk of a cyberattack, with 56% of all respondents being “highly confident” that their organization will not experience an OT breach in the next year. Another alarming finding was that 34% of respondents believe that cyber liability insurance is a sufficient solution. However, cyber liability insurance does not cover costly “lost business” that results from a ransomware attack, which is one of the top three concerns of the survey respondents.
How did the pandemic influence the way cybercriminals operate?
The digital transformation required to enable global remote workforces also inadvertently introduced exponential growth of the attack surface. Cybercriminals saw this digital transformation as an opportunity. The pandemic’s impacts have inspired malicious actors to brazenly hack big targets and develop new exploits, the consequences of which have become increasingly evident throughout 2021.
In the medical world, we vaccinate people against serious threats. Cybersecurity leaders must adopt the same strategy, becoming proactive rather than reactive against potential threats.
In the age of remote work and online learning, what would you consider to be the essential practices organizations should implement?
Managing security posture has become a critical necessity for reducing the risk of cyberattacks. Organizations have a complex security stack and use a myriad of technologies. As a result, they discover that their muscle to manage security posture is under-developed at best. They need to adopt a transformation mindset.
By improving the security posture, it’s possible to eliminate the exploitation of known attack vectors. In addition, by understanding the context of the infrastructure and its security controls – on-prem, private cloud, and public cloud – and achieving full visibility of their attack surface, cybersecurity leaders will be able to better quantify cyber risks, prioritize remediation, and zero in on what matters.
What are the most common misconceptions companies tend to have regarding their cybersecurity?
Traditional risk scoring systems — such as the Common Vulnerability Scoring System (CVSS) — rank threats as critical, high, medium, or low in “severity” without considering real-world exposure levels. Threat actors know this, so they routinely exploit enterprises’ medium- and low-severity vulnerabilities as the first step in multi-stage attacks. In this environment, enterprises must take a new approach.
Developing a well-rounded and resilient cybersecurity program isn’t something that can happen overnight. Instead, it’s a journey that demands iterative change. The first step of this journey is understanding your organization’s current maturity level. It could be that you are addressing security on an ad-hoc basis, or you may have defined security processes, or you may be at the stage where you can manage your program and drive strategic change. By understanding what the next level of maturity looks like, you can develop a roadmap to improve your security posture.
And finally, what’s next for Skybox Security?
Recently, in December 2021, Skybox Security unveiled the industry’s first solution to model the attack surface across IT and OT environments. We can no longer think of OT security risks as separate from the entire enterprise. Securing, equipping, and enabling these assets is paramount to the success of industry 4.0 and digital transformation initiatives.
At Skybox Security, our mission is to ensure that cybersecurity matures at the speed of digital transformation. As a result, our innovation roadmap is focused on extending our network model to ingest data from transformative technologies and model entire network environments.