Advanced cybersecurity measures are often not considered until there is a breach. Things have gotten very scary for organizations as hackers have found they can attack literally at will.
Just yesterday we detailed many of the “known” ransomware attacks which have hit the U.S. – especially Texas, which had over twenty – all at about the same time. As we were writing, yet another city was hit!
Hackers are emboldened and why not? They make money, they make headlines and they have nothing to lose. Ransomware-as-a-service tools are better each day and cheaper to get access to.
Organizations, on the other hand, are basically screwed – they often do not prepare unless they are hit. If they are hit, hopefully, the breach isn’t so big as to cause customer defections and bankruptcy. We have sadly seen this happen.
But cybersecurity takes many forms and is more of a journey than a destination. To learn more, we had an exclusive interview with cybersecurity expert Debbie Gordon, CEO of Cloud Range Cyber, regarding how companies can protect themselves from cyber-attacks before they happen and, most importantly, how to respond to a breach.
Why do companies continue to be breached?
The fact that the internet is so open and available to everyone may be a great advantage, but it’s also the element that puts us most at risk. While companies have the latest tools and technology in place, it really comes down to the skills of the people operating them. Hackers’ skills are evolving more quickly than those of cyber defenders; as long as a hacker is one step ahead of a company or a country, that’s all it takes for a breach to happen.
What steps can companies take to protect themselves?
One of the fundamental challenges of cyber risk is the staggering skills shortage within the industry. Companies don’t have the opportunity to be proactive when it comes to their security strategy; they are always in a defensive, reactive mode, so it’s almost impossible to be proactive. Companies can protect and prepare themselves by providing their people with the skills to be proactive, which can be done through cyber attack simulation exercises that teach them exactly how to detect and remediate cyber attacks — not for IF they happen, but WHEN they happen.
How do companies know what technologies to invest in? Or, what are the latest technologies available to avoid a major breach?
Every year, hundreds of new technologies are introduced into the cybersecurity industry to try and protect companies, which are basically more and more bandages. It’s difficult to know exactly what to invest in. However, people are now starting to understand that it’s not just about investing in these advanced technologies, but about preparing the people using them to be able to detect and remediate a threat before it becomes an incident. This is done using a cyber range. No different from a flight simulator, companies can now use cyber ranges to go through simulation exercises in real time in a live network environment to ensure they’re prepared for any type of attack. You wouldn’t want to board an airplane with a pilot who hasn’t gone through flight simulation exercises, or have open-heart surgery from a surgeon who has only sat in a class. It’s no different for cyber defenders.
How does your company fit in here?
Cloud Range helps companies be prepared for inevitable cyber attacks by using a hands-on simulation approach that enables them to experience live cyber-attacks in a protected environment. They are able to practice detection, investigation, and remediation for dozens of types of cyber attacks. This is done on a virtual cyber range where users log in to a protected site and are able to access a real enterprise network environment with cyber attacks running through it.
Why is there a cyber skills gap?
The threat landscape is growing faster than the ability to educate and employ skilled professionals. The focus has been on technology, and as a result technology has evolved faster than the skills people have to manage it. This has created a feedback cycle: because of the skills gap, there aren’t people to teach people, and the threat landscape continues to grow and therefore perpetuates this problem.
What motivates hackers?
What we hear about mostly revolves around money and stealing personal info on the dark web, but what we don’t hear about is the real warfare that hackers can impose. For example, shutting down our power grid, poisoning our water, impacting things we take for granted every day. These attacks pose a real threat to our society and can have dire consequences on our critical infrastructure.
How can we protect our critical infrastructure?
It all starts with preparing the people that are working with our infrastructure. States, municipalities, and our federal government can take preventative measures to control critical infrastructure by ensuring people are trained and prepared for any incident. When it comes down to an attack, the people are truly the last line of defense. And the only way to ensure they are truly prepared for virtually any attack is to practice in a simulated environment. Less than 2% of organizations are using simulation to prepare their security teams, and it’s predicted that 20% will be using them by 2022. This shows the importance of focusing on people and processes, not exclusively on technologies.
How do companies know if they’re prepared? What about an attack they’ve never seen before?
Every company should always assume they will be breached at some point, no matter what technologies they have in place. However, at the end of the day, the way to determine how prepared they REALLY are is to simulate attacks in a cyber range environment and have objective, measurable results on their ability to detect and defend against threats. Again, we’re focusing on the last line of defense — the people — and measuring their actions to determine whether or not they are actually prepared. With the different types of cyber attacks that are constantly being developed, cyber defenders must constantly evolve their skill sets, just as hackers do.
What about an attack they’ve never seen before?
Cybersecurity defenders have to understand anomalies, and this is where critical thinking skills come into play. It’s not just the technical skills, but the critical thinking skills that are also imperative. A cyber range is a great way to continue thinking of ways attacks might occur. A cyber range allows you the ability to practice all sorts of different scenarios. Just like pilots in training must train in different situations, cyber defenders have to as well. Having access to a cyber range gives you that flexibility and ability to simulate all sorts of attacks. Having the muscle memory and critical thinking to respond to a variety of attacks can equip cyber professionals with the ability to defend against a cyber attack they maybe haven’t seen before.
What’s next for your company?
Cloud Range is focused on setting new standards for cybersecurity training and preparedness by making simulation training a requirement for any cyber defender, both to qualify for a job as well as continued ongoing practice to ensure ongoing preparedness for emerging threat types.
We here at tehrani.com also recommend you get a free evaluation of your cybersecurity risk from an MSP/MSSP immediately.