Security Insights

UK businesses are short of skilled cybersecurity professionals, and the number of vacancies is in the tens of thousands.

Worldwide, the shortfall is in the millions.

But what are the reasons? Is it cultural, problems with education, a lack of diversity?

And what is the impact on organisations in the public and private sector?

Over the next few weeks, Security Insights will attempt to answer at least some of these questions.

Our first guest in the series is Deryck Mitchelson, former Director of National Digital and Chief Information Security Officer at NHS Scotland, and now global CIO and CISO at Check Point.

When IT director Tony Mendoza found his company under attack by a ransomware group, there was no playbook for how to respond. He and his team had to react -- at speed -- to a rapidly developing situation.

Fortunately his organisation, technology vendor Spectra Logic, survived the attack and was able to restore its data. But he learned some hard lessons about managing a crisis, building defences and, above all, why it pays to accept that an attack will happen.

In this episode, Mendoza recalls his experience to Security Insights editor, Stephen Pritchard.

Smaller businesses are no means immune to cyber attack.

In fact, there is growing evidence that criminal groups are targetting smaller businesses.

One reason is the changes to working practices brought on by the pandemic, with more remote access and the use of consumer IT. And smaller firms are being used as a way to infiltrate the supply chains of their larger customers.

What, though, can smaller companies do to improve their security?

Improved training, clearer IT policies and better use of security tools, including those that come with SaaS suites, all help according to this week's guest.

Lee Wrall is founder at Everything Tech, an IT services firm based in Manchester. He also believes passionately that smaller companies can be secure, withe the right planning and support. He spoke to Security Insights' Stephen Pritchard.

In the current climate, operators of critical infrastructure are finding themselves in the front line.

And it is not just the obvious and traditional fields of CNI, such as energy or transport, that are under threat. The banking system, healthcare, manufacturing and food supply are all part of geopolitical risk, and at risk of cyber attack.

So just how vulnerable is critical infrastructure to cyber attack? And how should governments and industry work together to improve security?

Our guest this week is security and risk consultant Mathieu Gorge. He also runs the Vigitrust Global Advisory Board think tank. He speaks to Security Insights' editor Stephen Pritchard

We apologise for the audio quality in parts of this episode.

In this episode we look at the risks and threats facing the cloud, with Ray Canzanese, director at Netskope’s Threat Labs.

The firm has just released its latest Cloud and Threat Report, and Canzanese talks through some of the highlights, including the use of PDFs and search engines to deliver malware, and the (mis)use of cloud storage.

How do organisations prepare for cyber attacks? Does “red teaming” work? And how close are we to cyber war?

Over the last few years, more firms have turned to red team security testing, putting their organisations through realistic attack simulations. But how do we balance the cost and time these tests demand, with the wider needs of the business?

Our Insights Interview guest this week is Reuven Aronashvili, founder and CEO of Israeli cybersecurity company CYE. Today, he works with large enterprises globally to help them tackle the most difficult cyber challenges.

Before that, he was one of the founders of Israel’s Red Team intelligence unit. As such, he has some unique insights into the line between a hacking incident and cyber terrorism and cyber warfare – and how close we are to crossing it.

Interview by Stephen Pritchard.

Nearly everyone in cyber talks about people, process and technology. But often, the people side is mentioned only in passing.

But it is people that determine how well an organisation handles a cyber attack, and how quickly it recovers. Processes and technology are vital, of course. But as our guest this week says, behind every piece of wire, there is a human being.

Rebecca McKeown is the director of human sciences at Immersive Labs. A psychologist who has worked with militaries, aviation, governments and organisations involved in critical national infrastructure, she argues that we’re not investing sufficiently in the human side of security response.

And she also discusses the results of a recent report into the way firms prepare their people for cyber incidents, the Cyber Workforce Benchmark report.

Interview by Stephen Pritchard

Distributed denial of service attacks -- or DDoS -- are up 14 per cent on 2019's figures, according to research by security firm NETSCOUT. 

And attacks are becoming more complex, with some using as many as 26 different vectors.

At the same time, there is a massive online market for DDoS attacks, with a terabit-class attack costing as little as $6500. Sites on the dark web even offer criminal hackers free trials of their wares, so the barriers to entry are effectively zero.

What, then, can security teams do to counter the DDoS threat? And could governments do more? Our guest this week is Richard Hummel, ASERT Threat Intelligence Lead at NETSCOUT. He discusses this, and more, with editor Stephen Pritchard.

Are we underestimating the security threats to mobile devices – and indeed the threats to mobile infrastructure?

Organisations of all sizes now depend heavily on mobile devices. But, although mobile security rarely makes the headlines, the risks posed by ever more powerful devices, and networks, are all too real.

In fact, this week's guest argues that mobile devices were never designed to operate on corporate networks.

Andy Brown is the CTO at Mobliciti. His firm’s been running mobile infrastructure for enterprises since 2009, and he monitors the mobile threat closely. He discusses how the way mobile technology has changed the way we work, and what that means for cybersecurity, with Stephen Pritchard.

Stolen or compromised identities have been an attack vector for years, if not decades. Even now, organisations are failing to protect against compromised identity. Identity is one of security’s critical weak spots. But why is this? 

Once an attacker breaches defences, it is still too easy for them to move laterally, and to attack higher value targets, or as we've seen recently, attack an organisation with ransomware.

Our guest this week is chief security architect and formally the chief deception officer at Attivo, Carolyn Crandall

She argues that it is changing technology and changing work patterns, with the need to access information anywhere, and at any time, that is making these attacks both more common, and more damaging.

Interview by Stephen Pritchard