© 2021 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Rob Palermo, SecureLink: “cybersecurity became an even bigger priority during the pandemic”

As cybercriminals get more creative with their approach to attacks, cyber researchers and white hat hackers also work tirelessly to create new innovative ways of protecting the digital environment.

Today, cyberattacks look much less obvious: they can come from a threat actor disguised as your boss, an inattentive employee, and third parties you might work closely with. All of this presents us with a gloomy reality: it’s not a matter of whether your business will be targeted, but when it will be targeted.

We reached out to Rob Palermo, VP of Product Management & Strategy at SecureLink, to talk about the newest developments in the field of cybersecurity and discuss how SecureLink, which specializes in critical access management, can help protect enterprises’ critical assets.

After almost 20 years in the business, you’ve reached many important milestones. How did the idea of SecureLink come to life?

SecureLink was founded in 2003 as a software platform to provide secure, accountable, and auditable third-party remote access. Since then, we have helped more than 31,000 organizations ensure their data is secure during tens of millions of support sessions. We’ve had so much growth and success over the years, especially the last few. With the acquisition of Maize Analytics, a leading provider of data governance solutions, SecureLink has been able to expand beyond third-party risk management to offer more critical access management solutions. Now we are bringing SecureLink’s legacy third-party technologies together with Maize's artificial intelligence and audit review capabilities to tackle new challenges in security, privacy, and compliance.

This year, SecureLink along with the Ponemon Institute, released a report titled “A Crisis in Third-Party Remote Access Security,” which revealed the alarming disconnect between organizations’ perceived critical access threats and the security measures they employ for vendors. As a result, 44% of organizations have experienced a breach within the last 12 months, with 74% saying it was the result of giving too much privileged access to third parties. The report made it clear that organizations are not taking the necessary steps to reduce third-party critical access attacks and are, in fact, exposing their networks to security and non-compliance risks.

Last month, we also established PartnerLink, an enhanced partner program, designed to build and grow valuable cybersecurity solutions for customers. We’ve already signed 11 new partners, including Cavalry Solutions, Cyber Distribution, and SkyHelm, strengthening an ecosystem of 38 partners globally.

At Securelink, you emphasize the importance of Zero trust principles when it comes to security. Can you tell us more about this approach?

Zero trust principles have gained popularity over the last several years, and rightfully so. We use these principles to granularly control access to critical systems and data down to the host, port, protocol, or privilege level to mitigate the risk of cyberattacks and data/privacy breaches.

Zero trust is a cybersecurity concept that removes any implicit trust, regardless of who’s accessing a network or system and what’s being accessed. A zero trust model requires that insider and outsider access be verified and authenticated each time a user logs into a system. More specifically, Zero Trust Network Access (ZTNA) minimizes the risk of a breach by verifying user access through multi-factor authentication at each login and limiting network exposure through least privileged access, meaning users can only access what they need to perform their job duties and nothing more. ZT accomplishes this by removing the user off the network and routing them directly to the application needed, which limits any lateral movement by a (potentially malicious) user. SecureLink is proud to utilize Zero Trust Network Access in our third-party remote access solutions, which only grant extremely granular access through ZT methods to third-party reps and users.

According to one of your recent reports, over half of the organizations have experienced a data breach caused by third parties. What do these incidents usually look like?

To put it simply, each third-party connection creates another doorway into an organization’s network. The remote access connection a third-party needs into an enterprise’s network doesn’t typically have the same visibility, control, or security as an employee connection. This means it also doesn’t have the visibility, control, and security that are actually required to make these connections safe from data breaches. Because of the unsecured nature of these third-party connections, hackers take advantage of the opportunity and exploit the vulnerable connection to infiltrate a company’s critical access points.

The sophistication and exploitation of a variety of attack vectors are what makes SolarWinds the ultimate example of a perfectly executed supply chain attack. It’s estimated that over 1,000 developers worked on this malware, making it one of the greatest efforts in cybercrime ever. A mega breach of this scale all started by a third party sparking the crucial need for third-party risk management more than ever. Several large US federal agencies handling highly sensitive information and operations like the Pentagon, Homeland Security, and the State Department, not to mention major corporations such as Microsoft and Cisco that have software and hardware in almost every enterprise in the world, created many victims of this breach. On a more positive note, SolarWinds set off widespread calls for much-needed cybersecurity funding, reforms, and legislation that will force companies to more closely examine the software update process, vendor relationships, and other vectors that often contribute to supply chain attacks.

Did you run into any challenges during the pandemic? Were there any new features added to SecureLink as a result?

The pandemic caused challenges for many industries, but luckily, cybersecurity became an even bigger priority during the pandemic. The switch to at-home workforces and remote connections highlighted the need for secure remote access, which emphasized how important third-party remote access actually is—and resulted in us overcoming a lot of the challenges the pandemic tried to throw at us.

We’ve managed to quadruple the company’s revenue, mostly organically. Additionally, in October 2020, we made some changes that allowed SecureLink to continue its growth trajectory, resulting in the sale of the business to Cove Hill Partners. SecureLink also achieved its first acquisition of a data governance company, Maize Analytics, earlier this year.

The combined solution is available to customers across multiple industries. The healthcare sector, in particular, will reap the benefits as both SecureLink and Maize Analytics have significant expertise in this space. SecureLink currently serves over 1,000 U.S.-based hospitals and offers Best in KLAS electronic health record access monitoring services to help compliance and privacy officers quickly audit medical record access and identify suspicious behavior.

How can organizations make sure they pick a secure third-party vendor?

Critical access management solutions—like those provided by SecureLink— alleviate concerns around selecting third parties, as they help organizations seamlessly secure their critical access points. They also automate the process of reviewing, monitoring, and auditing access rights for both internal employees and external vendors. In short, critical access management solutions streamline the process of managing third-party permissions, effectively minimizing the risk posed by third-party vendors.

With the number of remote employees rising, VPNs seem to be the most popular option when securing the workload. Do you think this solution is enough?

Quite simply, no. Over the last two years, we’ve seen entire industries transition their workforces online, increasing remote access—as well as VPN exploitations. The Colonial Pipeline attack, one of the largest cyberattacks of 2021, was caused by a faulty VPN that should have been decommissioned. This is just one example that reveals how VPN solutions are often vulnerable points of access for cyberattacks, no matter the size of the organization.

VPNs lack the essential tools needed to adequately protect remote access connections. From a broad perspective, remote access connections need to provide access to networks using secure measures that ensure the verification of the user’s identity and the safety of the network. VPNs fail to fully secure connectivity because of their lack of access controls (like access notifications, time-based access, and limiting network exposure) and lack of access monitoring capabilities to track user access sessions.

Relying on VPN access for every vendor also leads to a fairly common security problem: pieces of paper (sticky notes) with login credentials sitting out in the open. There is a constant concern about who has the credentials to access the environment. With VPN access, it’s difficult to do the following:

Additionally, as cybersecurity companies fight for market share, SecureLink retains its unique position in the industry as a critical access risk management organization.

What are the most common threats associated with third parties? What can companies do to prevent such incidents?

Today the average enterprise has 67 vendors requiring access to its internal network. That translates into thousands of users connecting. And with 51% of organizations saying they are not assessing the security and privacy practices of all third parties before granting them access to sensitive and confidential information, it’s not surprising that 74% of organizations that have experienced a breach within the last 12 months say it was the result of giving too much-privileged access to third-parties.

It's clear that the most common threats are bad actors trying to attack and/or break into an organization's critical systems and data for a variety of reasons, whether it's money, vengeance, or sabotage. Because of this, critical access management needs to be a top security priority for organizations. Best practices include identifying and authenticating users, controlling vendors’ level of access, and recording and auditing vendor activity:

In your opinion, what kind of cyberattacks can we expect to see more of in the near future?

Critical access continues to be exploited for a growing scale of damages. Bad actors continue to identify third parties and their access points into enterprises, a subset of overlooked critical access, as valuable exploitation targets to gain footholds into some of our most vital services and infrastructures. Damages from attacks to critical systems and data should give us all pause, as well as be a wake-up call, that we need to embrace the zero trust model, and in particular, begin deploying zero trust network access as a first step.

Recent high-profile attacks like Solarwinds and Colonial Pipeline set off many more attacks, which does not come as a surprise. The Biden administration has already taken action, doubling down on cybersecurity funding and preventative protocols with a recent executive order and the inclusion of cybersecurity provisions in the upcoming infrastructure bill. It’s clear that we need to be faster in mitigating and containing cyberattacks and improving the security of major organizations. And we should expect to see more attacks that impact major industries.

There’s also a need for increased investment in our country’s cybersecurity infrastructure and the advancements towards collaborative cybersecurity goals between public and private sectors - a much-needed focus to ensure critical infrastructures are protected from cyberattacks.

Cyberattacks are increasing as well as becoming more sophisticated. This domino effect of attacks will be difficult to stop and we are likely to see similar attacks in the coming months. By taking necessary and quick action now, both the government and private businesses can control major damage that could last for years.

Share with us, what’s next for SecureLink?

SecureLink has four core products—Enterprise Access, Customer Connect, Access Intelligence, and Privacy Monitor—that provide solutions for several gaps in access security, such as the vulnerabilities in third-party remote access, user access audits, and session monitoring. We’ll continue to invest heavily in these products to further meet critical access management needs.

Looking ahead, we’re focusing on how we can best integrate the different capabilities of our technology across product lines. For example, our team is currently working on integrating the Enterprise Access and Access Intelligence products to bring comprehensive and secure third-party remote access that includes safe connectivity and an automated review process for vendor access rights. We’re seeing how the machine learning and AI technology currently built into our Access Intelligence and Privacy Monitor products can be used in our Enterprise Access and Customer Connect solutions used for third parties. And the video recording capabilities in the Enterprise Access and Customer Connect products are being integrated into our Privacy Monitor solution, so access is not just logged but also monitored via video. The technology originally built in our four products has tremendous potential for cross-functionality, and using that to our advantage only helps us shore up more gaps in access security.

Leave a Reply

Your email address will not be published. Required fields are marked