Jack Garnsey, Product Manager, VIPRE SafeSend and Security Awareness Training advises on the layers of cyber security businesses should implement to safeguards themselves against cyber attacks
VIPRE is a provider of IT security solutions purpose-built to protect businesses, solution providers, and home users from costly and malicious cyber threats and user errors. Jack Garnsey, Product Manager, VIPRE SafeSend and Security Awareness Training had this to say:
Please could you tell me a bit more about VIPRE and the products or services it offers?
VIPRE provides IT security solutions to protect businesses and home users from costly and malicious cyber threats. We cover endpoint security including web access control, email security including anti-spam, antivirus, anti-spoofing and anti-phishing engines, cloud-based VPN, data loss prevention including protection from misaddressed emails, security awareness training and enterprise-grade web security. Our services are all underpinned by our behavioural analysis detection engines, which have over twenty years of experience determining the difference between good and bad actors, safely identifying which information will hurt your organisation and what is allowed to get through to your users.
What are today’s emerging digital threats and how can we stay protected?
A number of misconceptions still exist when it comes to cybersecurity. Apple Macs, for example, have been around for a long time, yet people still have the mentality that Macs don’t get viruses. However, only recently, at least 40,000 Macs were apparently infected by the Silver Sparrow, which is a new family of Mac malware that runs natively on Apple’s new M1 processors. With the ever-evolving threat landscape, businesses and vendors need to respond to modern attacks with the right protection.
A new way of attacking that we’ve seen an increase in the IT industry is the use of fileless attacks, which exploit tools and features that are already available in the victim’s environment. These can be used in combination with social engineering deploys, such as phishing emails, without having to rely on file-based payloads.
Above all, users continue to play a significant role in safeguarding organisations from threats by ensuring they install updates to software, stay away from shadow IT, and are cyber aware in everything they do. Circumventing security protocols to make their lives easier, especially when remote working, should not be allowed. But, using security awareness training programmes to help with understanding why this is the case should help organisations keep security under control.
How are cybercriminals looking to gain access to our data?
Cybercriminals are innovative, and continue to adjust to the modern threat landscape. They will try to gain access to data in any way they can, whether this is through email attachments and links, phishing or spear phishing, social engineering attacks, malicious websites or as mentioned above, fileless attacks. They can also gain access through having outdated software and plugins on your desktop, or through routers and open networks. The possibilities are endless.
What layers of security should we be looking at to ensure to safeguard ourselves and our businesses?
We talk a lot at VIPRE about layers, and layers within layers – particularly looking at not only the different types of security, but the layers inside those security services. For example, if we look at layered email security, it covers not only spam and virus protection, but protection against spoofing, malicious links and attachments as well. It’s no coincidence that every serious email security vendor has an Advanced Threat Protection package that includes some form of behavioural-based detection techniques.
Also, strong protection needs to include some form of Machine-Learning, because zero-day, polymorphic threats are here to stay and are only getting more sophisticated. AI has an important part to play in specific areas such as virus detection, sandboxing and threat analysis and combined with tools to prevent accidental data leakage – as well as trained human insight – users are empowered to make more informed decisions about the nature and legitimacy of their email before acting on it
What are the current SMB security trends?
SMBs themselves can be their own biggest problem by thinking that they are immune to cyber-attacks or that they are too small or ‘uninteresting’ to be a big target for attacks. There are no size restrictions when it comes to IT security threats, and just because a business may not think it is big or important enough to invest in multiple levels of threat protection, the consequences of an attack on an SMB are still devastating. Relying on tools that come as ‘part of your IT package’ instead of investing in dedicated Endpoint and email protection is so much more common than you would think. And now with the pandemic and the move to remote working, a lot of SMB staff are working with even less security than usual.
How is business antimalware different from the consumer?
It isn’t about looking at the quality of protection, but rather the way the protection is configured, managed and analysed. In theory, there is very little difference in the quality of protection given to consumer and business customers, however, the risk a business runs is much bigger than an individual and so they need better analytics, management, deployment and reporting capabilities in their endpoint or email solution. A business can be taken down for hours, days or even weeks with ransomware attacks and this impacts the whole supply chain, including employees, customers and suppliers.
We have built our solutions from the ground up to focus on those specific things: analytics, management, deployment and reporting, because that is where a business solution brings the power not seen in consumer products and can make a big difference to an IT Manager’s time investment. Having to log in to different systems and subsystems to figure out what went or could go wrong is not an option anymore and our services have been designed to eliminate the interface problems seen in other solutions on the market.
How can businesses look to keep their data safe?
The key to successful data security is having a strong IT security infrastructure in place – there is no way around that. However, a strong IT security infrastructure is only possible by having a layered approach to security, looking at both technology and humans or users as part of the solution. This includes endpoint security, email security and a business-grade firewall for the security of your network. But even with the most sophisticated software in place, hackers make it their mission to stay one step ahead of IT defences. That is why regular training, in addition to complementary security tools, can provide a fortified strategy for users to mitigate the threat of a cyberattack.
What predictions do you have in regards to data and security?
Cyber threats are only going to increase in sophistication and become more personalised to the individual by using social engineering attacks. We have already seen an increase in new threats, such as fileless based attacks and they are only going to continue to evolve and become more prevalent. Attackers are going to continue to take advantage of current events, such as the ongoing pandemic, to trick users into clicking a link, downloading an attachment or signing into a phishing website and so on.
Users have to become a part of the solution, rather than the problem. In order to do this, businesses need to place cybersecurity as a priority throughout their processes and invest in the right tools and training to make this more of a business-critical solution, and less of an ‘emerging necessity’ as it is now.
We can see some organisations are already adapting to these changes, but they are the exception rather than the norm right now. Some element of remote working is going to become the new normal for many people, and as more organisations discover the advantages of home-based workforces, this new way of working brings with it a huge question around data access and security that needs to be resolved.
Read the latest edition of PCR’s monthly magazine below: