News in the Channel - issue #7

CYBERSECURITY FOCUS

CONTINUED

and as trusted advisers we at Redsquid see it as our responsibility to continue to guide and communicate these ongoing threats and the measures and technologies that can be utilised to overcome them. The threat level from cybercrime has only gone one way in the last many years – and that is up! I don’t anticipate that this will change, and we expect the threats to continue to become more complex and refined against our businesses. “We have developed our own cyber security solution, Redsquid Cyber/Kill, which protects the entire perimeter around a business and not just individual devices. Paired with SOC and SIEM technology – these solutions are what more and more businesses are integrating to stay secure and give peace of mind to stakeholders and customers alike. Paired with awareness training, this is the only way forward and we will continue to be advocates for the use of these technologies to protect organisations, users and data.” Dom Ryles, director of sales and commercial – security at Exertis Enterprise, says that some customers might not realise the implications of moving their data to the cloud and the impact of the shared responsibility model, where the customer themselves is responsible for the data in the cloud – providers are only responsible for the infrastructure but not the data. “This is a big vulnerability,” he says. “It’s our responsibility as a distributor to educate and enable the reseller community, and to address the challenges that our partners’ customers are facing. We need resellers to get their customers to understand that it’s not a question of ‘if’, but ‘when’ when it comes to security. Taking customers through certification processes and getting the baseline understanding and awareness, is a good way to start. General security awareness training is essential, so they don’t see security as a ‘blocker’ to progress, rather than an ‘enabler’.” Growing market With cyberthreats continuing to grow, so is the market for security – Dom points out the market is predicted to grow at a CAGR of 8.9% – which means the opportunities for resellers will increase too. However, it will be important for them to stay on top of the latest innovations to make the most of those opportunities. “The main market trends in the next 18-24 months will be AI automated security systems, which can analyse patters and behaviours and automate responses thereon,” says Dom.

“However, a negative side of AI is that hackers now have the capability to write malicious code more easily or create an attack that bypasses the latest security protocols, and they could even predict the best time to attack an organisation when it’s at its weakest. “Insider threats, for example human error or social engineering, are still primary reasons for a data breach. Another upcoming trend is zero trust, where colleagues only have access to the resource they require for a limited time. IT managers then receive more visibility into what people are accessing and reducing their access capabilities. Zero trust will be the fastest growing form of network security, growing by an estimated 31% in 2023.” OpenText Cybersecurity’s Matt Aldridge adds that while there is no ‘silver bullet’ that can stop all attacks, multi-layer solutions that block attacks from bottom to top are essential for serious protection. “But fundamentally it is applying regular software or firmware updates to these devices that can give the most protection, along with carefully hardening their configuration. This is most critical with any appliance or device which sits outside the network or at the border, such as routers, firewalls and VPN gateways, where devices are directly exposed to attacks. Disabling all unneeded features and heavily restricting admin access are other key methods to keep devices secure. “We expect cybercriminals will continue to evolve their tactics, notably relying on sophisticated AI to support their malicious activity. They will continue to look for the weakest link, and this will usually be servers or endpoints that are not adequately protected and/or are running outdated, vulnerable software. Cybersecurity vendors work extremely hard to detect and prevent attacks, but when organisations are operating on legacy infrastructure, there are limits to the protection levels that can be achieved. “Social engineering tactics, such as those targeting multi-factor authentication fatigue will remain an important area of concern for business leaders and cybersecurity experts. This is a technique that exploits the fallibility of humans, rather than vulnerable computers, and it can unsurprisingly be much more effective than purely technical attacks devised to infiltrate IT systems. As such, it is another important reason why businesses should invest in employee education as a priority and ensure that their endpoint security has real- time anti-phishing protection included.”

Sohin Raithatha CEO

redsquid.co.uk

With cyberthreats continuing to grow, so is the market for security – Dom points out the market is predicted to grow at a CAGR of 8.9%. “

Dom Ryles director of sales and commercial – security

exertisenterprise.com

20

Powered by