“It's not a matter of if, it's a matter of when you’ll be hacked and will you notice it”. Those words from Scalefocus’ CEO, Plamen Tsekov, were the standout point for the live discussion organized by Forbes Bulgaria on the hot topic of Cybersecurity. The topic which, since the start of the pandemic that made millions work from home on a daily basis, has been one of the main and most important problems for many IT and other businesses.
Continue reading for the recap, or click here to watch the FULL VIDEO.
Remote Work Put Security To The Test
During the live session, Mr. Tsekov shared the fact that there were record numbers of hacker attacks worldwide during April and May оf 2020. The reality of so many employees in many companies having to work remotely during the coronavirus pandemic gave an edge to cybercriminals and they have never been so focused in their attempts for breach. Attempts often were successful. The focus now, according to our CEO, is on small and medium enterprises where the problem is neglected.
Also, he shared that 90% of all the breakthroughs are coming from email, and 25% of the mistakes that would allow a breach to come from the personnel. That’s why self-preparation is of crucial importance.
Addressing The Issues
“It is essential that we address the security of the terminal devices and isolate the problem as fast as we can.”, says Plamen. With modern solutions such as AI-based monitoring which limits the threat within seconds, breaches can be minimized. That type of solution can be provided by a department within the company or a professional service provider. Some of the most threatened companies are those with fully digitized or automated procedures and processes because they use a lot of machine learning, IoT and if such a company is hacked, some of the resulting problems may be irreversible.
“Cybersecurity engineers are dedicated experts and is hard to keep more than 2-3 per small or medium-sized company. That’s why the remote services are way more efficient.”, says Plamen. He admits that people in his position are often vulnerable because of it.
It was covered that a base employee training is essential because a big portion of the breakthroughs are based on insufficient preparation like the one with phishing emails. The new attacks are harder to detect and often the hackers monitor the social platforms and send emails from co-workers. A good example is the email-based cyber-attack “Man in the middle”.
Based on some patterns of behavior that we have observed in the past, Plamen said, we can make assumptions as to how would a next breach or attack occurs.
“People in Bulgaria still don’t acknowledge that information is an asset of real importance. Let’s not underestimate how crucial are cybersecurity and the real threat of cyber crimes in the process of company digitalization. They go hand in hand”, said Plamen. When asked about the solution Secure Anywhere that supports remote work, he shared that it’s a solution based on open-source technologies, including Azure. “We’ve used methodologies and configurations we’ve learned about with many monitoring sessions we take part in with our clients. We created a quick solution that monitors the end-point devices, the laptops. We monitor if there are changes in the processor work and network traffic. That way if a hacker attack is underway or someone clicks on a website that steals passwords (for example), Secure Anywhere can give a quick alert. It can be used as a configuration management tool and anyone can follow what is happening. If there is danger, it can point out to it and the security team takes it from there.”