George Axberg, VP of Data Protection at VAST Data:
“Ransomware is top of mind not just for IT professionals but also in the boardroom. Budgets are being allocated to implement Vanguards to keep bad actors out, and Zero Trust is being implemented for those within. That said, the numbers still show that the threats are increasing at an alarming rate.
“How we a natural disaster is similar to how we steward of our data and react to an event to a cyber strike. Processes need to be put in place to react swiftly in the event of an attack. Part of that plan of resilience needs to be a repository worthy of storing those digital assets and RESTORING said assets to a workable form.”
Tilo Weigandt, Co-Founder & COO, Vaultree
Education and communication are key in the cybersecurity industry. Cybersecurity doesn’t have to be complex and boring; it can be educational and fun if approached from the right angle, which can take away the fear of entering this space or diving deeper into a specific topic.
What’s important is to start with the basics and learn the mechanics and dynamics of security measures and their counterparts. But you don’t even have to be an expert in, say, cryptography to make a sound decision; there is no shame in taking advice. However, the abundance of vendors in the space makes it difficult to cut through the noise and it can sometimes seem overwhelming. So, sit down with experts and exchange thoughts and doubts, be part of communities and talk about your pain points, and talk to selected vendors to understand different approaches.
Always keep in mind: No matter what we do, data breaches and leaks will always happen, so the essential second line of defense – encryption – is crucial to any security plan. There are already vendors out there offering solutions with which you can process, search and compute always-encrypted data at scale, so that you can concentrate on your daily business and fight other fires.
George Waller, Co-Founder and EVP of Zerify:
“AWhile it’s more than a month-long focus in our eyes, we are glad cybersecurity is getting the world’s attention in a time when hybrid and remote work environments support critical communications, and video conferencing takes place from multiple locations and even multiple unknown devices. We hope that as the usage of collaborative communications increases – and the world continues to rely on video conferencing platforms- Cybersecurity Awareness Month will be a time to hone in on greater capabilities to secure organizations, ensuring Zero Trust across platforms, greatly reducing breaches and hacks and thwarting the efforts of bad actors across the globe.”
Jason Stirland, CTO at DeltaNet International:
“According to a recent study by Interisle, phishing attacks rose by 61% in 2022 to more than one million attacks. What’s clear is that cyber-attacks, such as phishing, aren’t disappearing anytime soon. Phishing attacks are increasingly becoming sophisticated, with cybercriminals finding more creative ways to catch people out. IT professionals must work with their HR teams to prioritise training employees on cybersecurity awareness issues, from understanding how to spot phishing attempts to preventing data breaches.
“Educating employees on cybersecurity awareness training should be refreshed yearly and shouldn’t wait until a data breach has occurred. Unfortunately, research from the World Economic Forum revealed that 59% of cyber leaders said they would find it challenging to respond to a cybersecurity incident due to the skills shortage within their team. With the skills gap in cybersecurity, it’s evident that organisations remain at risk in protecting their infrastructures. While businesses should have robust security systems in place, a compliant culture should exist throughout the company to reduce risk. It shouldn’t just depend on an organisation’s IT or security professionals to protect the company against cyber threats. Cybersecurity requires accountability from all employees, and the workers will only understand this if they are trained on its importance and know how to act.
“Over the past year, organisations across the globe have been dealing with employees returning to the workplace, navigating office-based, remote and hybrid workers. Unfortunately, many businesses forget the importance of training their hybrid and remote workers about cybersecurity best practices – weakening the organisation’s resilience to any security breaches. IT professionals should identify any skills gaps in the organisation and ensure all employees understand their role in safeguarding the organisation’s infrastructure and protecting its data.”
You can find our other articles on cybersecurity awareness month here, here and here.
Pingback: Thoughts on Cybersecurity Awareness Month from around the Industry. - Cyber Protection Magazine