» INTERVIEW
SECURITY IN THE REMOTE WORK ERA
C
ybereason, creators of the leading Cyber DefensePlatform launched operations in the Middle East earlier this year. Cybereason provides complete visibility and actionable threat detection so security analysts can stop attacks before material damage happens. Tarek Kuzbari, regional director - Middle East & Turkey, Cybereason discusses the company’s focus in the region in a chat with CXODX
Are organizations doing enough to secure themselves in the era of increased remote working? What steps should they be ideally taking? Many companies didn't have the underlying hardware, software and support infrastructure in place to support vast amounts of people working remotely when the pandemic initially hit. And even fewer had established security guidelines in place for remote work – including employee use of personal devices for company business -- and remote access to company information systems. Over the past several months, improvements have been made and heading into 2021 the new norm will be an increase in the hiring of more full-time remote workers. The job of security professionals is to have a plan in place to reduce risks. There are aspects organizations should be considering as the following. Remote Access: you might have some employees remote right now, but are all of them remote? Do you allow insider information, like source code or strategic project documents like M&A named projects, to be accessed remotely? Obviously, the VPN and your extranet strategy here matter and burst licensing might be required from suppliers, but consider, by department, what new data types are
26
being accessed and what this exposure might mean from a risk perspective. Mobile: Mobile is still a vulnerable medium and needs better security measures generally. Now might not be the time to beef up mobile, but the day is coming, post-crisis, when that is likely to be the hottest risk area for many businesses. Laptops and Desktops: In a very real way, every employee is working on data that is by definition outside the perimeter. If you don’t already use tools like FullDisk Encryption, now is not the time to turn it on blindly but rather to take note of what data is most sensitive and to come up with a policy for data-at-rest outside the company. Security Operations and IR: Security operations and incident response are often group activities with highly specialized collaboration and tool use. Can your employees exchange ideas, talk, meet ad hoc, exchange data, and so on, securely? You need to make sure that employees can continue to work remotely well into 2021 and security can't be an afterthought. Awareness Training: It might be a good time to encourage a refresher in aware-
CXO DX / OCTOBER 2020
ness programs and training as people move home. It will give them something to do and make them actively conscious of security issues. I suspect that there will be a few new modules in most awareness curricula soon, around working remotely or at least an emphasis on these, but you can always encourage the creation of a new module around your company’s move. Is MDR a managed service offering through your partners to customers? Yes, Cybereason's MDR-in-a-Box (Managed Detection and Response) is offered through partners. The MDR-in-a-Box program is designed to help strategic partners increase market share through the delivery of new SaaS driven cybersecurity solutions. By leveraging the Cybereason Defense Platform and program approach, partners can fast track new, high-demand service offerings and provide their customers with a holistic managed solution that addresses their specific needs. Do your threat hunting solutions use any deception technology? The Cybereason Defense Platform includes anti-malware technology to detect and prevent it when it executes and exhibits ransomware indicators. In particular, Cybereason's anti-ransomware technology uses deception techniques to detect, prevent and recover from attempts to encrypt files, remove local data backups, or modify critical system areas such as the master boot record. As a cloud based solution, is your EDR solution effective across all possible cloud and premise based infrastructure of an enterprise client? Yes, Cybereason technology can support cloud, hybrid, on-premise as well as airgaped environment.
