Ilan Sredni, President of Palindrome Consulting, spoke to members of the Global Entrepreneurship Initiative on the importance of cyber security.
The Global Entrepreneurship Initiative recently hosted a Cyber Security Forum, at which Ilan Sredni, President of Palindrome Consulting, addressed attendees on the topic of cyber security. Held at the United Nations Headquarters, this event offered business leaders the opportunity to discuss and learn about the latest developments in the global cybercrime landscape.
For his talk, Ilan discussed the 3 T’s of Cybercrime Prevention:
Companies are at risk based on the weakest links in their cyber security – poorly trained employees. Playing Russian roulette with the company data is one simple mouse click away. That’s why continuous training with a variety of different methodologies is necessary in order to have employees be knowledgeable and aware.
Security awareness training helps users to recognize and avoid being victimized by phishing emails and scam websites. They learn how to handle security incidents when they occur. If users are informed about what to watch for, how to block attempts and where they can turn for help, this alone is worth the investment.
Without going into the specific toolset that can be deployed at any given time, these technologies have to change very quickly due to the threats that are evolving almost in real time. As the threats become more sophisticated and advanced, our tools need to evolve as well.
And they have – security based on advanced algorithms that can adapt and learn creates a system that can become familiar with the normal patterns associated with each user and device, detecting anomalies in those patterns quickly.
Essentially, something known as a neural net can be used in cybersecurity efforts. Based on a robust algorithm, the neural net can “learn” to spot patterns associated with security threats – e.g. previously identified and classified phishing emails.
A variety of different proactive and reactive tools help identify the threat, resolve the impact and restore the network back to full functionality. The key in the process is to be ready to Identify, Protect, Detect, Respond & Recover from any result one finds.
How, prevention is not enough alone – there are cases when the tools and training are not sufficient due to the nature of how advanced some of these attacks are. In those cases, one must have a state-of-the-art business continuity and disaster recovery solution in place as well in order to recover. It’s important to protect yourself before and after a potential security breach.
No matter how much training you have done for your staff or how advanced the tools might be, it’s important to be realistic about the cybercriminals that are trying to hack your data – they are often better funded and much more aggressive. It’s recommended that you continuously test the tools and the training that users have with them.
The Importance Of Cyber Security
When everything is going well, the last thing you want to do is think about what will happen when something goes wrong.
There’s no point in dwelling on the potential for a security disaster though – you know that it’s a possibility, so let’s just leave it at that. What’s important about this is that you know to cover your bases.
No need to assume the worst – just plan for it, so you know you’re covered. As they say, an ounce of prevention is worth a pound of cure.
It’s important to recognize that the cybercrime business has never been bigger – it’s estimated that the global cybercrime industry will cause up to $6 trillion in damages in just a few years.
You don’t need to be told how important something like cyber security is – it’s obvious after all. Everyone knows the consequences of unsecured business technology.
The State Of Cyber Security Awareness
The bad news is that there is a major lack of skilled cyber security – and general IT — professionals in the IT field.
“The shortage of skilled security professionals has been a perennial problem that consistently results in failed security technology deployments. The number of unfilled cyber security roles is expected to grow from 1 million in 2018 to 1.5 million by the end of 2020.”
Furthermore, recent polling performed on behalf of Tripwire found even more troubling evidence:
- 93% of polled IT security professionals say the skills required to be a great security professional have changed over the past few years, which is making it harder to find properly skilled cyber security professionals.
- 85% report their security teams are already understaffed, and only 1% believe they can manage all of their organization’s cybersecurity needs when facing a shortage of skilled workers.
- 96% say they are either currently facing difficulty in staffing security teams due to the skills gap or can see it coming.
“The skills gap issue continues to worsen, which is troubling, since cybersecurity threats only continue to grow,” said David Meltzer, chief technology officer at Tripwire. “Additionally, security teams are in search of new skillsets to deal with evolving attacks and more complex attack surfaces as they include a mix of physical, virtual, cloud, DevOps and operational technology environments. It’s becoming more difficult to maintain critical security controls, and there are fewer people available to do it.”
It’s for all these reasons that Palindrome Consulting is committed to promoting cybersecurity awareness, both through events like the Cyber Security Forum and in the services they provide.
For 20 years, Palindrome Consulting has delivered IT solutions and support designed to help clients see a return on the investment they make in technology. Through a combination of certified Microsoft expertise and diverse technical skillsets, the Palindrome Consulting team helps clients to increase security, as well as address other common business pain points.