As mentioned in a previous article on EDGE360 Online, the importance of securing the IT channel has only increased in recent years, and for very good reasons. Whether because of the rapidly expanding role of remote employees and the resultant widening of the threat landscape that entails or because of new technology and the potential to exploit unknown vectors, the threat posed by malicious actors continues to influence the best security practices across the channel.
In a recent conversation with the EDGE360 Online team, John Wallace, Partner Business Development Specialist for Cyber Security at Cisco, shared some of his thoughts on the challenges facing IT consumers and how VARs and channel partners can best help them overcome them.
EDGE360 Online Editors: What is the current state of the cybersecurity industry? Are we safer than we were last year? Less safe?
John Wallace: The easiest way to answer that is to say we are safer than before against known threats. ‘Known’ is the load-bearing word in that sentence. With the continuous advancement of technology, we are making older threats less able to cause damage, but as much as we evolve, so does the other side.
As our technology becomes more automated, so do the attacks. Well-funded criminal organizations typically have better infrastructure than their victims. Relying on machine learning and artificial intelligence, hackers can now automate the creation of new malicious strategies and malware.
Unless a business is unifying its threat intelligence and infrastructure together and therefore automating ‘canned’ responses and actions, I would argue that business attack surfaces are certainly more exposed simply by the limited time our responding teams have in comparison to the attackers.
So, are we safer? That depends. We are certainly better armed against attacks, and we have created solutions that, along with government initiatives, have made things more secure. We just can’t get complacent.
Editors: What major initiatives from the government or solutions from the private sector have had the largest impacts on the cybersecurity posture of organizations? What other options are there for securing the IT channel?
John Wallace: There are many initiatives out there that each play their unique roles in helping make the public and the private sector more secure. Given my role at Cisco, I am a little biased about our solutions and initiatives, so please excuse a little self-promotion here!
I consider Cisco SecureX to be one of the biggest cybersecurity innovations to date. It allows our customers to unify threat hunting, device insights, user insights, automation and orchestration, and more into a single dashboard, which is unparalleled across the other solutions and initiatives I’ve seen.
Plus, SecureX offers the extensibility to integrate other security solutions where our customers have previously made investments (Cisco and third party). It’s also included with any Cisco security solution, which forms my response to your broader question.
What are we doing and what are our government partners doing? We’re prioritizing interoperability, and I see that becoming a major selling point for cybersecurity solutions moving forward.
Editors: What threats and challenges remain on the horizon?
John Wallace: The biggest challenge I see is that we are, unfortunately, hit with new attacks every day, and the old attacks are still applicable. This is because of the wide breadth of technology and solutions that we still see being used across the channel and through our partners. This will make securing the IT channel difficult but not impossible.
As an example, it’s estimated that the Log4J vulnerability will take a decade or more to eliminate. Let that sink in. Ten years or more to eliminate a very well-known and wide-reaching exploit! Thankfully, the solution is simple, and it’s deceptively simple at that.
We need to teach our partners and customers to do the ‘simple’ things first because sometimes they underestimate how effective they can be. Backups, endpoint protection, upgrades to the latest firewalls, and patch management lead to healthy infrastructure hygiene, making businesses resilient. Then, bite off the bigger challenges!
If an organization has the tools to build a strong foundation for cybersecurity, it will find that it is ready for whatever new ideas and practices get developed in the years to come. Good cyber hygiene will never not be part of a cybersecurity recommendation.
Editors: What are your top pieces of advice for organizations?
John Wallace: My top two pieces of advice are:
Back up your backups
Ensuring that if the worst were to happen you can get back on your feet quickly with your data in deep storage is the best way to mitigate downtime and lost business or service interruption.
Also, make sure to test them meticulously. They must get tested to ensure they will work. Otherwise, you’re just wasting server space and, perhaps worse, operating under a false sense of security.
Click nothing
This is, without a doubt, the easiest way for a malicious actor to gain access to your network. To the untrained eye, a phishing email will look like any other, but lurking behind that hyperlink is a criminal waiting for you, your employees, and anyone with access to it.
I was reading Greg’s article earlier and he pointed to “you the reader” as being the number one culprit behind attacks, and I have to agree. The person reading this, unintentionally or otherwise, is the best avenue for people to attack, and the best way to avoid that is to avoid clicking links until you are certain you know exactly who and what is on the other end.
Editors: What can organizations do to learn more about the threats that are out there and how best to face them?
John Wallace: First and foremost, ask questions about security. Knowing is half the battle, and there is nothing to be lost from looking to others for best practices or lessons learned.
Cybersecurity is a collaborative process; we are all in this together. Learn from each other and take advantage of that knowledge. Become an advocate for securing the planet, we’re all responsible for security.
To learn more about Cisco SecureX and the role it can play in securing the IT channel, click here.
