RJ Hines Pro Cloud SaaS CXO sat down with Bob Baum our Managing Director of CyberSecurity to talk about the pressing CyberSecurity issues facing businesses today.
What are the biggest cybersecurity threats/challenges in 2023?
Some of the biggest challenges are insider threats, think “Social Engineering Attacks” both active and passive in nature. Active being activities being perpetrated with purpose, and passive would be people and organizations doing inadvertent things like not installing updates, accessing networks with uncontrolled devices, etc. We saw a huge uptick in this with Covid and people working remotely from home, etc. People do dangerous things by mistake, and some people also do dangerous activities with a purpose. As an example, additions to your network that are new or revolutionary and initially are unaccounted for, like digital signage (Interstate roadways, Turnpikes and Parkways, with Silver Alerts) Apple “Airtags”, which have led to car thieves utilizing these in order to track higher end vehicles to more secluded places, which then makes them easier to steal. And some of the newest and untested and unaccounted for “devices” such as people that have had a microchip installed into a part of their body that allows them to do banking transactions. Those people become a de-facto endpoint once they have that chip implanted in their bodies and can end up on a network without meaning to be there. As that human implantation of microchips takes hold, organizations will have to take steps to mitigate that type of a technology from being exploited.
If I were CTO/CIO/CISO what would be some of the first steps you would take to understand your current security posture?
A thorough endpoint discovery and assessment would be in order. As an example, you would be surprised at just how many organizations, such as Departments of Transportation and the like, throughout the world that do not know how much connected signage they have which is connected to the internet and is extremely vulnerable. That is just one example. In maritime we see the recent January 7th ransomware attack on a Norwegian risk management firm, which left ships stranded without a connection to on-shore servers navigational controls. And another very leading edge that needs to be managed more thoroughly at the IoT devices that are connected to both IT and OT control systems.
PCS offers their cyberGUARD Assessment tool to organizations concerned with these issues. Where do you see the greatest benefit?
cyberGUARD provides a highly organized, thoughtful and holistic process to help get your entire environment under Cyber Control.
With cyber threats on the rise, taking initial steps to protect your business can give you peace of mind and let you focus on what matters. In 2022, 64% of companies worldwide experienced at least one form of cyber attack, with the average incident costing an estimated $4.35 million USD. The bad actors that are out there targeting your organizational infrastructure are highly organized and patient. An organized, planned out assessment tool is a great way to counter these types of organizations looking to do harm to your firm, as it covers the critical components of an inclusive and proactive cybersecurity strategy, helping you and your team understand how to keep your business and data safe and secure. It is a three step system consisting of Audit, Plan and then Protection on an ongoing and flexible basis. Cybersecurity is a journey, not a destination, which means you will want to be able to continue to fine tune the components of your Cybersecurity stance as your business grows and the digital world evolves. ProCloudSaaS partners with leading cybersecurity platforms to offer clients a comprehensive suite of solutions, ensuring that you benefit from the latest technology in the market and are always protected from emerging threats, ensuring that you benefit from the latest technology and are always protected from emerging threats.
And after the assessment what are the follow on activities to insure a cyber secure environment?
First of all, enable/update MFA Multi-Factor Authentication and ensure that default passwords are not being utilized. Next, you need to take action on your newly defined technology environment, with endpoints being discovered and identified as high risk, with appropriate measures being taken to protect those endpoints immediately. You will need to update/initiate a new BYOD policy as well. And just think about how that policy would be affected if the whole “inserting a microchip into a part of my body” activity takes hold. (Your BYOD policy needs to be updated more often due to the speed of innovation that we are seeing). Organizations also need to adopt a Zero Trust type of policy (just because an entity had been in the network recently, maybe even moments ago, does not mean that you do not need to treat them as if they are an unknown quantity) in order to insure safety and security for their employees, customers and depending on the type of organization, for the general population as well. Some of the Power Generation, Water Security, Telecom, Government Contractors etc., come to mind, as far as general population safety. Organizations should look at themselves in the same way military and government entities think of themselves when it comes to cybersecurity: There should be as few Entry Points as is possible, and they should be as fortified with the best that there is as far as controlling entry is concerned.
They should also have a “Single Pane of Glass” if you will for everyone with cyber responsibility to go to in case of a cyber event. Single Pane of Glass is a term that refers to having all responsible parties within an organization being trained to go to that Single Pane of Glass whenever there is a problem within your technology environment, whether it be IT, OT or IoT focused. This prevents the confusion that ensues when a cyber event occurs, whereby some people are texting, others are calling on landlines, cell phones, others are relying on email etc. All of this just adds to the confusion during a cyber event, with initially no one knowing exactly where to go. There are a lot of other things as well, like identifying and decommissioning dormant software licenses and equipment.
After completion of the assessment what are the follow up activities to ensure a cyber secure environment.