Integration of Security and IT
James Hughes, EMEA enterprise CTO and VP of systems engineering
You’ve heard it all before: there is a glaring disconnect between the goals of security and IT teams. But with the growth of technology and increasing amount of cyberthreats, the ultimate success will come from the integration of these teams. When these two teams are combined - and I’m not talking about just the integration of their tools, but real collaboration - recovery and cyber resilience will be at its peak. This results in a better security practice and posture, as well as allowing digital transformation within organisations. If security professionals are thinking of IT implications, and IT professionals about the security implications we begin to form a more unified process.
Ransomware as a Service
James Blake, field CTO security,
One of the things that has become a greater presence with the rise of ransomware attacks is the commoditization of Ransomware as a Service (RaaS). With the increase of RaaS, solutions for recovery and cyber resilience will be even more crucial. In the past, only with the exact know-how and tools could someone execute a successful ransomware attack, but RaaS has changed all that. RaaS services are being sold more actively online, and can be as simple as spam emails or clicking through infected websites used to steal data. With these easy to access kits available on the dark web, there are more attackers without the heavy cyber skill backing that criminal groups have. This results in a more ‘sprayed attack’ approach rather than targeted attempts.
The growing availability of RaaS is largely to blame for the vast increase in ransomware attacks. With the attacks growing in magnitude, so are the ransoms. Many vendors of solutions focused on malware are simply rebranding their products as anti-ransomware. Those of us who’ve worked on the operational side of cyber security know that even with those tools, we still had ransomware infections. Most organisations have managed to deal with the malware that gets through operationally, ransomware shares many of the attack vectors as malware and the impact of these attacks impact our core business and stretch into our downstream supply chains - we need to focus on resilience to build the right level of capability to deal with ransomware efficiently and effectively as a business-as-usual activity.
Core to that capability are platforms that aid customers in being able to detect and recover quickly.