Expert Comments

Cyber Experts Comment On Bitdefender Report: The ‘New Normal’ State Of Cybersecurity

Expert(s): Security Experts
Expert(s): Security Experts Published: Last Updated on

In response to a new Bitdefender report which found that COVID-19 has left businesses at a far higher risk of cyber-attacks, largely due to their corporate infrastructure being exposed to attack vectors and threats that would not have been considered a year ago, experts from three cybersecurity firms offer perspective. 

Experts Comments

Dot Your Expert Comments
James McQuiggan
November 05, 2020
Security Awareness Advocate
KnowBe4

Keeping the external systems current with the latest software significantly reduces the risk of a successful attack.
All organizations must have a robust security program that includes a repeatable change management program to keep up to date on known vulnerabilities. Without up-to-date patching, it's an easy attack vector for cybercriminals, nation-states, and a beginning hacker to scan the internet to find network devices that are not up to date. Having vulnerabilities exposed to the internet is like leaving the front door unlocked to your house when you go away on vacation. While you might be able to stop .....Read More
All organizations must have a robust security program that includes a repeatable change management program to keep up to date on known vulnerabilities. Without up-to-date patching, it's an easy attack vector for cybercriminals, nation-states, and a beginning hacker to scan the internet to find network devices that are not up to date. Having vulnerabilities exposed to the internet is like leaving the front door unlocked to your house when you go away on vacation. While you might be able to stop them from stealing your essential items with an alarm system, the bad guys have been able to break in and could get away with valuables. Keeping the external systems current with the latest software significantly reduces the risk of a successful attack and the potential damage to the brand, revenue, and resources. For all employees working remotely, it's critical to have a policy for all workers to utilize a VPN connection from their homes to the office to reduce any risk from other devices on the employee's home network attempting to access corporate devices. Having a robust security awareness training program that will educate employees to spot phishing emails will reduce the risk of a business email compromise attack. This training can ensure that employees can make smarter security decisions and protect an organization from various cyber-attacks.  Read Less
Josh Bohls
November 05, 2020
Founder
Inkscreen

I encourage IT leaders to look at all mobile applications being used by employees.
Indeed, the immediate rise of WFH initiatives caught many IT departments unprepared to address new threat vectors and data security concerns amid the newly amorphous network perimeter. The SMB data transfer protocol has long been a target of bad actors seeking to penetrate file servers. I encourage IT leaders to look at all mobile applications being used by employees to ensure that any apps that access files behind the firewall are engineered to be managed by the company, deploy timely patches.....Read More
Indeed, the immediate rise of WFH initiatives caught many IT departments unprepared to address new threat vectors and data security concerns amid the newly amorphous network perimeter. The SMB data transfer protocol has long been a target of bad actors seeking to penetrate file servers. I encourage IT leaders to look at all mobile applications being used by employees to ensure that any apps that access files behind the firewall are engineered to be managed by the company, deploy timely patches to address newly discovered vulnerabilities, and commit to data privacy and data protection on an architectural basis. Thankfully there are EMM providers such as BlackBerry who assume the burden of testing and evaluating integrated applications from third-party vendors (such as Inkscreen) to ensure best-of-breed solutions for enterprise and government use cases.  Read Less
Chris Clements
November 05, 2020
VP
Cerberus Sentinel

The mass migration to work from home hasn’t so much introduced new threats so much as it has redefined that default assumption.
For the past three decades or so, organizations have invested in centralized information security controls such as firewalls, IPS, and patching solutions that assume that the network population is safely inside the company’s perimeter. The mass migration to work from home hasn’t so much introduced new threats so much as it has redefined that default assumption, rendering the centralized controls built around it far less effective. Another area of weakness highlighted by the raft of recent .....Read More
For the past three decades or so, organizations have invested in centralized information security controls such as firewalls, IPS, and patching solutions that assume that the network population is safely inside the company’s perimeter. The mass migration to work from home hasn’t so much introduced new threats so much as it has redefined that default assumption, rendering the centralized controls built around it far less effective. Another area of weakness highlighted by the raft of recent VPN and other remote access product vulnerabilities is monolith patch culture. For many organizations, patching efforts are centered around Windows patches, with other third-party software and notably networking equipment only patched on an ad-hoc basis. This reliably leads to delays, confusion, and incomplete coverage for patching even serious security vulnerabilities in these systems.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

Qualys Hit With Ransomware And Customer Invoices Leaked

Experts Reaction On PrismHR Hit By Ransomware Attack

Expert Insight On Ryuk’s Revenge: Infamous Ransomware Is Back And...

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

Microsoft Multiple 0-Day Attack – Tenable Comment

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Expert Reaction On Go Is Becoming The Language Of Choice...