2020-11-26 A few weeks ago, Nick Keene, Synapsys Presales Engineer, joined the panel in a webinar organised by Rectron to discuss how companies can boost their cyber protection. As well as his recommendations for what to do if you get hit by a ransomware attack (which, if you haven’t read you should, we share the link below) he also shared the following insights.
1. The IT skills shortage is adding to the cyber protection challenge
IT teams are stretched with members often wearing many hats. This is true for companies of all sizes, but is particularly true for smaller companies, where the entire IT team might comprise only one person. Additionally, small and medium companies often don’t have a CTO to make strategic decisions around the tools to use, and this can end up in organisations inappropriately using consumer-grade security tools in a business context. This leaves organisations vulnerable to cybercrime due to gaps in their protection and lack of visibility and control.
2. Identity is the new edge
The days of having everything wrapped up neatly behind a corporate firewall are over, thanks to the rise in mobility as well as the switch to remote and hybrid workforces during the pandemic. Your people’s identity is the new network edge and it is vital to maintain the integrity of your employees’ identities and manage how they access your corporate network whether it’s via laptops, workstations or mobile devices. Today, VPN access to corporate networks is essential.
3. Cyber protection is a human problem too
The Experian South Africa data breach reminds us that it’s not only digital identities that need protection and verification, and that cyber protection is a human problem too. Not all the threats to your data are digital, and it’s not only malware, ransomware or hacking that need to be safeguarded against. It’s your valuable data that criminals are after and they don’t really care how they get to, steal or manipulate this.
4. Companies need to move past “production is king” thinking
Although this thinking predates the COVID-19 pandemic, the shift to lockdown quite dramatically illustrates it. Understandably, for many companies the focus was on getting employees up and running from home, to keep the lights on and minimise business disruption. To be sure, there were those companies prepared with things like VPNs and access control already in place. But for many, cyber protection was at best cobbled together and a best effort. Now, a few months down the line, we need to shift from “production is king” thinking to a more considered, integrated approach to cyber protection (while still, of course, enabling our organisations). As we’ve seen from the rise in cybercrime this year, it is not good enough to treat cyber protection as a best effort afterthought.
5. Cyber protection needs to be integrated
Following on from the previous point, to protect your business today, or as an MSP to protect your clients, you need to take a holistic view of cyber protection. This should blend antivirus, backup, management of endpoints, fileshare control, access control, management and monitoring, and everything else that goes into protecting your people and data. Holistic protection with a single pane of glass to monitor and manage is the best approach to protecting valuable assets across all critical fronts.
Read Nick’s ransomware rapid response plan here.
To hear Nick and other expert speakers discuss securing your business from cyberthreats, you can watch the full webinar.
Written for publication on the Synapsys website on 26 November 2020