6 minute read
SECURITY IN THE
SECURITY IN THE REMOTE WORK ERA
Cybereason, creators of the leading Cyber DefensePlatform launched operations in the Middle East earlier this year. Cybereason provides complete visibility and actionable threat detection so security analysts can stop attacks before material damage happens. Tarek Kuzbari, regional director - Middle East & Turkey, Cybereason discusses the company’s focus in the region in a chat with CXODX
Advertisement
Are organizations doing enough to secure themselves in the era of increased remote working? What steps should they be ideally taking?
Many companies didn't have the underlying hardware, software and support infrastructure in place to support vast amounts of people working remotely when the pandemic initially hit. And even fewer had established security guidelines in place for remote work – including employee use of personal devices for company business -- and remote access to company information systems. Over the past several months, improvements have been made and heading into 2021 the new norm will be an increase in the hiring of more full-time remote workers. The job of security professionals is to have a plan in place to reduce risks. There are aspects organizations should be considering as the following.
Remote Access: you might have some employees remote right now, but are all of them remote? Do you allow insider information, like source code or strategic project documents like M&A named projects, to be accessed remotely? Obviously, the VPN and your extranet strategy here matter and burst licensing might be required from suppliers, but consider, by department, what new data types are being accessed and what this exposure might mean from a risk perspective.
Mobile: Mobile is still a vulnerable medium and needs better security measures generally. Now might not be the time to beef up mobile, but the day is coming, post-crisis, when that is likely to be the hottest risk area for many businesses.
Laptops and Desktops: In a very real way, every employee is working on data that is by definition outside the perimeter. If you don’t already use tools like FullDisk Encryption, now is not the time to turn it on blindly but rather to take note of what data is most sensitive and to come up with a policy for data-at-rest outside the company.
Security Operations and IR: Security operations and incident response are often group activities with highly specialized collaboration and tool use. Can your employees exchange ideas, talk, meet ad hoc, exchange data, and so on, securely? You need to make sure that employees can continue to work remotely well into 2021 and security can't be an afterthought.
Awareness Training: It might be a good time to encourage a refresher in awareness programs and training as people move home. It will give them something to do and make them actively conscious of security issues. I suspect that there will be a few new modules in most awareness curricula soon, around working remotely or at least an emphasis on these, but you can always encourage the creation of a new module around your company’s move.
Is MDR a managed service offering through your partners to customers?
Yes, Cybereason's MDR-in-a-Box (Managed Detection and Response) is offered through partners. The MDR-in-a-Box program is designed to help strategic partners increase market share through the delivery of new SaaS driven cybersecurity solutions. By leveraging the Cybereason Defense Platform and program approach, partners can fast track new, high-demand service offerings and provide their customers with a holistic managed solution that addresses their specific needs.
Do your threat hunting solutions use any deception technology?
The Cybereason Defense Platform includes anti-malware technology to detect and prevent it when it executes and exhibits ransomware indicators. In particular, Cybereason's anti-ransomware technology uses deception techniques to detect, prevent and recover from attempts to encrypt files, remove local data backups, or modify critical system areas such as the master boot record.
As a cloud based solution, is your EDR solution effective across all possible cloud and premise based infrastructure of an enterprise client?
Yes, Cybereason technology can support cloud, hybrid, on-premise as well as airgaped environment.
Can you please elaborate on your partner strategy
Cybereason sells entirely through the channel, and our success in the region depends entirely upon our ability to forge a rich partner ecosystem. Just in the past year alone, we have struck agreements with some of the biggest technology and services providers in the world, including Westcon, WWT, Cerner and TrustWave.
To ensure that our partner program is tailored to the region, in early August, we announced the launch of a new partner program for the Middle East that will allow the region’s value-added resellers (VARs) and managed security-service providers (MSSPs) to enhance their customers’ defense postures against an ever-evolving threat landscape.
The announcement follows Cybereason’s recent signing of Westcon-Comstor ME, which recently became a partner in the marketing and distribution of Cybereason solutions across the Middle East.
Through the new regional partner program, VARs and MSSPs will get access to Cybereason’s Partner Nest, which delivers top-flight sales and technical enablement. In addition, all partners are instantly eligible for the Cybereason Defenders League certification program that empowers partners with skills to deliver a demo and a POC, enabling them to become experts. Furthermore, certified partners automatically join the Cybereason Defenders League, an exclusive community of experts with access to Cybereason’s founders, product team, and key roadmap updates.
VARs will collaborate with a market leader in endpoint protection on areas such as business planning, marketing, and deal-making, while gaining access to world-class sales and technical training. MSSPs will get access to discounted pricing models and can also opt to deploy Cybereason's MDR-in-a-box offering, a practice building, all-encompassing program that leverages a combination of flexible support services, methodology, and Cybereason intellectual property.
Elaborate on the strides the company has made in the region since you started operation earlier this year?
If you look at the region, the financial Tarek Kuzbari regional director – ME & Turkey, Cybereason
losses due to lack of cybersecurity investment is staggering – Ransomware alone is forecasted to generate over US$21Billion this year compared to US$5M a couple of years back. Based on research done for UAE and Saudi Arabia, the cost of a breach is US$6.52M compared to US$3.86M global average, and the time to identify and contain a breach is 369 days compared to 280 days global average. So there is clearly a demand for robust cybersecurity, and specifically endpoint security solutions in the market.
The Cybereason Defense Platform gives security analysts and operations teams the industry's deepest visualized cloud services and the ability to stop targeted attacks. In addition, Cybereason is disrupting the global endpoint-security market. The company’s approach centers on automating many tasks that previously required manual labor. Its cloud-based EPP (endpoint protection) platform delivers an industry-leading ratio of one analyst to 150,000 endpoints, compared with the benchmark of one analyst to just 20,000 endpoints.
Given our unique value proposition, since we entered the Middle East market back in early 2020, we have been gaining a lot of traction, particularly with organizations in the insurance and government sectors. As I mentioned previously, since our go-to-market strategy is 100% channel oriented, in addition to building out our direct presence, we have also made significant investments in recruiting and enabling a select number of system integrators and distributors.