<img height="1" width="1" style="display:none" src="https://q.quora.com/_/ad/1fa075f6a9144556974dd51ae0b653c7/pixel?tag=ViewContent&amp;noscript=1">
All Posts

Anatomy of an Attack - Staying ahead and protecting yourself

Trent: Hi there welcome back to Techscoop thankyou for joining us and today you’re in for an absolute treat because once again I’m joined by Ryan Economos from mimecast and we’re talking about the evolution of attacks, this week I want to talk about hwy it’s so hard to stay ahead of all of these attacks. So thankyou fro joining us Ryan.

So what do you think of that?

Ryan: I think it’s obviously really difficult to stay ahead of the attacks all of the time. The reality is that so long as technology has existed people have looked at ways to exploit that. Whether its identifying technological gaps or identifying gaps within the orgasnation from an education perspective. We’re seeing that attacksers themselves are forming communitieis, sharing ideas, sharing pursuits, it is very difficult to always be that one step ahead. Don’t get me wrong we absolutely try to be the other thing is that In terms of the cadence of new attacks that are out there. If you take phishing sites for an example the last stat I recall realing was the anti phishing work group - 46,000 new phishing sites published.  So it’s impossible to stay ahead when they’re developing at that rate.

Trent: So the question is, what can we do to stay ahead?

Ryan: Two key componenents – First is technology. Technology obviously exists that can bridge the gap and it can provide a superior level of protection based on the attacks that we’re seeing. If you take Mimecast as an example, we’ve got services that specifically focus on stopping those targeted attacks, so URL rewrites, it can analysie website content, sandboxing of attachments to check the behavior to ensure the documents you’re using are actually safe. As well as the checks against impersonation type attacks. But the second key component on top of the technology is end users. The reality is that the attacks are having an impact on organisations because users are making decisions that compromise the environment. It is really important to build up that concept of a human firewall and that can be done via a number of different mechanisms, whether it’s posters in the lunch room, emails that get sent out from IT team. Whether it’s phishing simulation attacks. There’s also the need to have frequent training. There’s no point running a cyber security awareness program if it’s a point in time check. It needs to be continuous, you need constant touch points to make sure it’s effective. User education is a huge part of it 

Trent: I suppose that borders on another topic that I want to get into in the future. Possibly I can call you back and we can have a chat about it. IT would be about creating a security culture, or a culture that really fosters security and having a secure environment. Everyone is accountable for their actions and interacting with emails or what they’re doing on the computers.

Ryan: I think security is no longer the problem of just IT, it’s a business problem now. So the responsibility sits with each and every user within the organisation, technical or not.

Trent: I think that’s all we have time for today, but thankyou again Ryan for joining us one more time. It’s been great, I’ve learnt a lot and I’m sure everyone out there has benefitted from the wealth of knowledge that you’ve amassed after working at Mimecast for such a long time.

Ryan: Thankyou.

 

Related Posts

The end of data breach? Introducing People Centric Security

Transcript: Trent: Welcome back, thank-you for joining us today I’m joined by a very special guest David Sia, CEO of Techware. Thanks for joining us Dave. 

5 Reasons Your Disaster Recovery Plan Will Fail

A Disaster Recovery Plan is like an insurance policy. It’s the thing you never hope to need, but are thankful to have when you do. If accidentally putting your phone through the wash feels like a chilly Spring breeze, suffering an organisation–wide operations failure would be a category 5 tornado in the dead of winter. That insurance with the help of IT Managed Services would come in handy, wouldn’t it? For something so critical to maintaining the function and security of a business, you’d be surprised just how many don’t take disaster recovery seriously. You might even be one of them. And you’re not alone. 40% of all businesses rate their organisation’s ability to swiftly recover operations after a disaster as fair to poor, and 3 out of 4 businesses receive a fail grading for DR strategy. Ironically, 95% of businesses experience system failures due to incidents unrelated to natural disasters. These operational disasters account for 45% of all system disasters, with natural disasters and human error accounting for 35% and 19%. And then there’s that 1% of freak, what the hell just happened?!?! occurrences. So if the chance of suffering some kind of system disaster is so high, why aren’t more businesses investing in an effective DRP? Think you’ve got DR covered on your own? Here are 5 reasons your disaster recovery plan will fail.

Techware Rebranded

We’ve been working hard on this project and are extremely proud to be revealing our refreshed branding in 2019!