FEED Autumn 2021 Newsletter

Shelly Calhoun-Jones Cloud security specialist

What are the biggest cybersecurity threats now? Ransomware continues to be prevalent, and we’re beginning to see it used in supply chain attacks. For example, REvil leveraged a vulnerability, distributing itself through an IT management platform. Ransomware can also spread to cloud storage, making it imperative to secure both endpoints. On the cloud storage side: enable versioning to roll back, logging for an audit trail, multi- factor authentication to delete files, and

What is the scariest cybersecurity story you’ve ever heard? Any hospital that gets infected by ransomware. These are machines critical to someone’s immediate health: assisted breathing, blood analysis and having patient data immediately available. Digitising all this information demands stringent protection and controls. The best way to protect your data is to control access, what you share, and what you allow others to hold for you. Zero-trust is the best approach to security.

set strict permissions to ensure the right people have the right level of access. Have you had any personal experience of a cyberattack? I used to work with large companies to secure their environment and recover from an attack. It could be isolating a threat, cleaning up systems, or identifying how the threat got in. Thankfully, I haven’t been a victim of one. Mainly because of vigilance and staying informed.

Asaf Ashkenazi Verimatrix Chief operating officer

What are the biggest cybersecurity threats now? Cyberattacks on supply chain providers are significant. They allow attackers to spread their malware to hundreds of customers quickly and relatively easily. One recent example is the ransomware attack on Kaseya’s customers. By infiltrating Kaseya, a software supplier to the MSP community, a hacker affected thousands of global organisations with a single malware. That malware was not detected by Kaseya’s customers, because their systems considered Kaseya software to be trusted with permission to push patches of its software on a regular basis. The malicious hacker ’s code was embedded within legitimate and trusted software, and it propagated with severity. When healthcare companies or financial service firms are impacted by such supply chain attacks, it’s especially worrisome, due to the risk to patient safety or personal financial loss. How well-informed are your customers on cybersecurity issues? I believe our customers are very informed because they have purchased our products – they’re taking preventative action to guard against attacks, rather than just thinking about security. Most of our media customers are security- first organisations by nature,

OUR CUSTOMERS ARE TAKING PREVENTATIVE ACTION TO GUARD AGAINST ATTACKS

because technology from Verimatrix safeguards their revenue streams. When it comes to new types of attack vectors, some customers may be less prepared than they should. For example, the entertainment industry has rapidly evolved over the past 18 months due to Covid-19 – and new cyber threats have emerged in mobile applications. Most media companies offer apps that power various viewer experiences – these are largely unprotected, putting valuable IP and customer data at risk. We’re starting to see more adoption in media of new types of security deployments, such as Verimatrix Application Shielding, to help them securely deliver amazing experiences. What best practices do you have in place to defend yourself? Any security company must practise what they preach. Besides having our own internal security team constantly ensuring our solutions are safe for customers, we also audit and improve our own internal security parameter on a constant basis. We do not take security for granted, constantly looking for weaknesses in third-

party solutions to make sure they are secured. Verimatrix is the leader in powering the modern, connected world with people-centred security for a reason; we deliver. Interesting side note: our logo is the morse code symbol for the word ‘trust.’ What is the scariest cybersecurity story you have ever heard? I read about a cyberattack on a hospital that directly impacted patient care. Post-attack analysis determined the time it took for a patient to receive an ECG increased by as much as 2.7 minutes after the breach. This lag remained as high as two minutes years after the event. Researchers believe these findings explained why the 30‐day acute myocardial infarction mortality rate increased by as much as 0.36 percentage points in the following three‐year window. Scary stuff! At Verimatrix, we believe friendly security saves lives – security that’s easy to understand, easy to implement, and easy for users. But it must be strong enough to safeguard your apps, APIs and devices.

feedmagazine.tv

Powered by