Regardless of the subject, there’s no one better to learn from than the experts. With this thought in mind, we recently held a cybersecurity webinar featuring Kevin Mitnick, a famous hacker and New York Times bestselling author, James Morrison, a HPE Distinguished Technologist and a former FBI agent, and our own Greg LaBrie, an enterprise security industry veteran and our Vice President of Technology Solutions and Services.
The webinar titled "Hack Me If You Can!" is now available for on-demand viewing here, and it shared expert insights on key cybersecurity topics including:
- Common threats and tactics used by today’s hackers
- Which new technologies can improve your cybersecurity strategy
- How to turn the tables on cyberattacks through offensive and defensive security strategies
In this article, we’ll share the top three takeaways from the webinar that you need to know to effectively combat today's evolving cybersecurity threats.
1. Identifying Your Priorities Should Be The First Step In Your Cybersecurity Strategy
In the last year and a half, enterprises around the world have been faced with a substantial, new challenges. In terms of IT and cybersecurity, the exodus to remote working, maintaining that, and the evolution of the hybrid workspace has stretched enterprise security teams to the breaking point. Unfortunately, the bad guys know it and have no qualms about taking advantage.
According to a report on cyberattacks from INTERPOL, the rapid deployment of remote systems and networks allowed criminals to take “advantage of increased security vulnerabilities to steal data, generate profits and cause disruption.”
Even now, as some companies go back to the office and others delay in-person plans, or adopt a hybrid approach, cybercriminals are waiting for their opportunity to strike and these transitional periods are the perfect target.
In addition to the confusion and uncertainty created by the pandemic and the subsequent rise in cybercrime, companies are overwhelmed as they re-evaluate their security strategy and solutions as they begin to implement a more comprehensive cybersecurity strategy.
During the cybersecurity webinar, Greg LaBrie shared how the amount of enterprise security solutions on the market and the complexity of setting up security throughout an enterprise’s digital environment is making it hard for companies to determine their security priorities. As a result, many companies end up utilizing solutions that aren’t the best fit for their needs or leave vulnerabilities by neglecting to secure certain aspects of their digital environment.
“Don't just buy any server, but look carefully at your server. Just don't throw any solution out there, but really look at one of these confusing acronyms like ZTNA (zero trust network access). It means you have to have endpoint protection. It means you need to have multi-factor authentication. It means you need to have network access control and identity management,” Greg shared during the webinar.
“Put those solutions in place and also have a plan B. Have a backup. Have a way that if you do get ransomware that you can recover. That you don't need to even be concerned about paying a ransom or the threat of paying ransom.”
2. Utilize Penetration Testing To Analyze Your Cybersecurity Strategy
Once your cybersecurity strategy is in place and you’re up and running, the next step should be to test for any vulnerabilities. That’s where ethical hackers like Kevin Mitnick come in.
After getting himself into some hot water utilizing his talents in not-so-legal ways, Kevin eventually began operating a cybersecurity testing company and now helps enterprises determine areas of improvement in their defense strategy.
“I think penetration testing is absolutely necessary, because how do you know what weaknesses are in your security controls? How do you know that your network services aren't exploitable? What about your web applications?” Kevin said during the webinar.
During the course of a penetration test, teams like Kevin’s make use of strategies that today’s hackers would utilize, using their creativity and expertise to determine how a cybercriminal could gain access and then, figure out what needs to be done to remove that vulnerability.
Sometimes it’s the simplest things that give cybercriminals the keys to your digital environment.
“I can't tell you how many times organizations we tested that have all the privileged passwords sitting there on unencrypted Excel spreadsheets on the IT drive. And that's the first place a bad actor is going to look.”
3. You Don’t Have To Go It Alone
Just like any other predator, cybercriminals want their prey scared and isolated. Thankfully, as it is in the animal kingdom, there is strength in numbers when it comes to cybersecurity.
New security guidance is coming out every day and sharing information is one way we can get ahead of bad actors.
For enterprises, another method is to work with a partner like WEI on your cybersecurity strategy.
As shared by James Morrison during the webinar, security is being built into tools that never had it before and while not every solution is going to fit your enterprise, by talking to your IT solutions provider, you can better determine what your cybersecurity needs are.
“Modernization is not just about us tech companies trying to sell the new gadget. There are new security features built into a lot of the things that we do. So, let's have that conversation. Don't just ignore it because you think we're trying to pump a product. If it's ransomware that bugs you, let's talk about it. Let's talk about ransomware avoidance, ransomware remediation, ransomware recovery. All of these things, but we've got to start with having that honest conversation … Can you afford $11 million for ransomware? Because if you think your insurance is going to protect you from it, that ship is sailing.”
Ensure a Comprehensive Cybersecurity Strategy With WEI
Having a trusted technology partner like WEI can help you build the right security foundation with secure tools like HPE ProLiant Gen10 servers integrated with AMD Processors, while walking you through a cyber-savvy strategy to identify vulnerabilities and take a proactive approach to risk mitigation.
NEXT STEPS: Watch the webinar for other cybersecurity pearls of wisdom as you take a closer look at strengthening your own security posture. You can also sign up for a one-on-one security conversation with our experts here.