Mediaplanet spoke with cybersecurity expert and CEO of Herjavec Group, Robert Herjavec, to discuss the importance of cyber resilience and how the cybersecurity landscape has changed over the past year.
What business priorities have the unprecedented disruptions caused by the pandemic brought to the forefront?
At the beginning of the pandemic, every business leader was operating in the same mode: survival. No one could see past tomorrow; the focus was simply to “keep the lights on.” Organizations prioritized adapting protocols, finding new ways to connect with customers, and, in many cases, moving nearly all employees to a remote work environment overnight.
These quick pivots led to the rapid adoption of digital transformation, putting entire enterprises at high risk for cyber-attacks, as many cybersecurity practices and policies were not scaled to the challenge.
Business leaders now have to re-assess their security toolbox and look for stronger protections in the new digital landscape of their companies.
Today, cybersecurity must be a leading business priority for companies of any size. Whether you’re selling custom t-shirts on Shopify, or you’re the largest online retailer in the world, all businesses are vulnerable to data breaches and malware. I went on the record this past January saying this will be the year we look back on in terms of heightened impacts of nation-state attacks and emerging threats – and boy was I right! Targeted attacks like those against the SolarWinds supply chain and the Colonial Pipeline were only the beginning. The cybersecurity challenges we continue to face in 2021 have been varied, frequent, and demanding.
How can businesses remain resilient and competitive as we navigate through 2021 and beyond?
With the increasing amount of ransomware attacks in the media headlines, enterprises in every industry have been forced to look at their business differently. It’s about planning for the unexpected, adapting to the current environment, and implementing security-driven business strategies. Cyber resilience is essential to business resilience.
The impacts of these attacks go far beyond the financial aspect – It’s also brand integrity, disruption to workflow, and the loss of data that have the biggest effects on organizations. Having a strong security posture and an emergency preparedness plan resilient enough to withstand any breach or ransomware attack is essential for businesses to be competitive in this digital era.
With the increased digitization of business operations, and so much of the workforce now working remotely, how has the role of cybersecurity changed?
The traditional cybersecurity perimeter has disappeared. The new edge of the network is the individual, and protecting that identity is critical to your cybersecurity infrastructure.
Think about it – in a physical workspace, you’ve got more protocols like swiping badges for building access, multifactor authentication on all your devices, a secure company network in place, and day-to-day facial recognition through in-person interactions with your team.
Now, as companies have transitioned to more of a digital business model, data is being generated and shared both internally and externally at a rapid pace without the traditional defences in place. Excessive employee access is one of the fastest-growing unmanaged risks to the protection of critical enterprise data. With employees working from home, how are you identifying who is logging into your network? How are you controlling who has access to what?
Identity and Access Management (IAM) has become a top priority for cybersecurity. It helps enterprises proactively reduce the risk of security breaches and protect corporate data in order to safeguard their business’ reputation, legal responsibilities, and financial well-being.
How can organizations ensure that the right people are accessing the right data at the right time as their digital footprint becomes more complex?
Great follow-up from the question above – IAM is key! We’ve seen this need increase across our client base at Herjavec Group. Cloud-based work and online accessibility are now essential, and it’s not just internal teams that are accessing your network. Clients, vendors, and partners require it, too, which is why establishing a strong Identity Governance program is crucial.
Identity Governance is one of the pillars of IAM that allows your cybersecurity team to decide who has access to what and when – a critical capability when you have internal and external parties requiring access to different parts of your enterprise network. Creating a common and mutually understandable process and language of access between your IT team and other business departments will reduce risks and improve your security posture to handle a growing digital footprint.
In addition to Identity Governance, Herjavec Group also specializes in Privileged Access Management and User Authentication services. Having a team that’s there to monitor and detect any unusual behaviour, both internally and externally, has never been more important than it is today.
What can organizations do to prepare against cyber threats and protect their data before they find themselves under attack?
The absolute worst time to decide how to handle an incident is AFTER it occurs – you have to plan ahead. The pandemic drastically affected the way cybersecurity professionals detect, manage, respond, and secure.
Prioritizing cybersecurity is not optional. It is your obligation as a business leader to secure your mission-critical assets, your employee data, and your customer data – full stop. In order to do this, you have to balance your security environment with preventative and defensive security measures, which include gaining visibility across endpoints, regularly scanning your network, and leveraging third-party support in the form of Managed Security Services: both Managed Detection and Response (MDR), and Incident Response (IR) services.
You must evaluate your tools, your visibility, and your degree of control to understand how to build your security plan effectively:
- Your Tools – Does your technology stack deliver the same level of security efficacy for your post-covid corporate environment?
- Your Visibility – Endpoint Coverage, Regular Scanning Cadence, 24/7 Device Monitoring & Management
- Your Degree of Control – Access to Contain and Configure Devices as Necessary, Patch Management
Cyber resilience is important for organizations of all sizes and industries. What can businesses that might lack internal capacity or expertise do to ensure they are protected against cyber threats?
Just like you said, cyber resilience is important for everyone. We need to change the perspective of cybersecurity being purely an IT challenge or risk that only affects large organizations. Cyber hackers don’t discriminate, and encouraging this perspective among all levels of your team will not only increase cyber resilience but improve business operations in the ever-changing digital landscape.
You also need to consider the cybersecurity talent shortage – it’s one of the greatest challenges of our time, and companies of all sectors and sizes experience it. Engaging a team that focuses solely on cybersecurity as an extension of your enterprise is key. Sure, a lot of general providers are capable of setting up a basic cybersecurity program, but working with a Managed Security Service Provider – a team solely focused on the day-to-day defence of your infrastructure that monitors your network, systems, and data – 24 hours a day, seven days a week, is the best way to protect your enterprise.
Ransomware has been a hot topic recently, why has it been so prevalent and what can organizations do to protect themselves?
Cybercrime and cybersecurity are in a constant battle – both sides are always working to outwit the other! Unfortunately, one way cyber criminals have attempted to find success is by taking advantage of vulnerable situations like the COVID-19 pandemic. Simple but sophisticated tactics like phishing emails that prey on the anxiety surrounding the coronavirus and remote work environments connected to unsecured networks have caused the frequency and cost of ransomware attacks to skyrocket.
Herjavec Group’s Threat Hunter team recently analyzed the most active ransomware operations and reported on the highest-impact adversaries in the State of Ransomware in 2021 Report. According to the report, the best way to defend your enterprise from a breach is to start with implementing proper Identity and Access Management (IAM) protocols, leveraging Privileged Access Management (PAM) best practices and educating your team on how to identify spam and phishing emails and what to do when they receive them.