Press "Enter" to skip to content

Cyber Security

Barely a day goes by without reports of another major cyber breach. Technology Reseller asks who is to blame and what the IT channel should be doing to protect customers

Part I

Who’s most to blame for the rise in data security breaches: solutions providers, resellers/VARs, IT departments or end users?

Roy Duckles, Vice President of Business Development, Positive Technologies
Roy Duckles, Vice President of Business Development, Positive Technologies

Roy Duckles, Vice President of Business Development, Positive Technologies

“Our research shows that there are a number of weaknesses when looking at enterprise network infrastructure protection. While many systems are better protected externally, they are still susceptible to internal attacks. A leading vulnerability on the network perimeter is outdated software, and in internal networks, account and password management flaws. The number of employees who click through to external sites is growing drastically, and the security level of one third of wireless networks is below medium.

“As a company we have tested the infrastructure of several large enterprise companies. We found that 76% of the systems allowed a hacker to gain complete control over certain critical resources, and in 35% of systems, these privileges were available to any attacker acting from the outside. It was impossible to gain control over critical resources in only 24% of cases. These results actually indicate an increased level of security as compared to the results obtained in 2013 and 2014. A hacker could take full control over the whole corporate infrastructure in 50% of the systems under analysis. In 19% of cases, an external attacker could gain such privileges, and in 31% of cases, an insider from a user segment of the network.”

Richard Stiennon, Chief Strategy Officer, Blancco Technology Group

Richard Stiennon, Chief Strategy Officer, Blancco Technology Group
Richard Stiennon, Chief Strategy Officer, Blancco Technology Group

“The burden of protecting data – and preventing a data breach – shouldn’t fall onto one single person, team or stakeholder. Instead, it should be a shared responsibility between the owner of the data and any managers of the data (i.e. solutions providers, cloud storage providers, data centres etc.).

“To start, IT departments must take responsibility for knowing what types of data are stored by the organisation – both on premise and offsite by cloud storage providers and in data centres. This group should also take the necessary steps to educate their end users on how data must be managed at every stage of its lifecycle.

“In turn, solutions providers, resellers and VARs can find themselves at risk of data exposure/leakage if they don’t clearly communicate the data security precautions they’re providing and not providing. For example, many resellers often overlook the need to erase data when hardware is decommissioned.”

Andrew Bushby, UK Director, Fidelis Cybersecurity

“No one is specifically to blame for the rise in data security breaches. End user awareness is key for smaller, mistake based breaches. However, the blame for larger scale breaches should be placed at the doors of the perpetrators. This does not mean that solutions providers, resellers/VARs, IT departments or end users are free to do nothing. They need to go beyond tick box compliance to deploy true threat detection solutions that care about both the prevention and detection of threats, and it falls on the heads of the IT channel to truly educate IT departments on the need to go beyond the old basics.”

Steve Nice, Security Technologist, Node4

“Cyber criminals are to blame for the rise in data security breaches. If a burglar broke into your house, you wouldn’t blame the lock manufacturer would you? However, while more needs to be done to capture and prosecute the criminals, everyone has to take some responsibility for reducing the security risk. We have identified a huge market opportunity for solutions providers to develop innovative new security services that resellers and VARs can take to market.

Steve Nice, Security Technologist, Node4
Steve Nice, Security Technologist, Node4

“We have put together a managed security service with several components, including threat intelligence, vulnerability assessment and penetration testing, so that the channel can add their own expertise and create a solution tailored to each client’s needs. Ultimately IT departments and end users have to use these tools in accordance with their best practices and follow the rules. We are seeing too many breakdowns throughout this chain, which inevitably leads to a security failure. The channel has a huge opportunity to address this issue head-on by delivering the security services and expertise that businesses need.”

Rob Reid, COO and Founder, StayPrivate

“It sounds rather like an answer that is designed to avoid addressing the question, but ultimately we are all to blame and not necessarily through our own fault, as the internet, big data and social media have made the made the digital world an increasingly complex place. As a consequence, we are all still coming to terms with what new technology is capable of and what it means for information security and privacy. The more data is disseminated and stored on the internet, the more security is becoming a real issue.”

Rocco Donnino, Executive Vice President, Corporate Development, AppRiver

Rocco Donnino, Executive Vice President, Corporate Development, AppRiver
Rocco Donnino, Executive Vice President, Corporate Development, AppRiver

“Unfortunately, solutions providers, resellers/VARs, IT departments and end users all bear blame when it comes to data breaches if they are not following best practices of ‘defence in depth’ through a layered approach of security solutions and network/end user education. Cyber criminals do not focus on one area of the network, but multiple areas of vulnerability and user groups. These are predators that use sophisticated tools and patience to prey on weak links and poor user habits within an organisation. Security ISVs must provide global threat intelligence and defence in depth security and productivity services to their solutions providers and other downstream partners, in conjunction with best practice certifications, ‘follow the sun’ 24-hour technical support and ongoing education for their end-users.”

Paul Calatayud, CTO, FireMon

“Blame may not be best approach to the situation; perhaps a better question is to ask who should be held most accountable. As someone with prior military experience, who has done a lot of research on leadership, I would say the CEO, board and CISO of the impacted organisation all hold accountability. But when it comes to introducing risk to an organisation, I would say most responsibility lies with the end user. Four years’ worth of breach and data forensics show me that end users play an absolutely critical role in defining and influencing overall risk in an organisation. This often comes from unintentional actions, such as clicking on an email, downloading what they thought was a trusted application, leaving their laptop in a car to be stolen, or being tricked into believing the email they are reading is from a trusted source like their CEO. Accountability and leadership play a big role in educating and establishing a culture that will ultimately determine the likelihood of a breach.”

Part II

What more could/should the IT channel be doing to make customers take data security seriously?

Roy Duckles, Vice President of Business Development, Positive Technologies

“The whole concept of IT Security is based on the principle of Insecurity – if you don’t buy this you will be breached. It is no use just adding more components and complexity to an IT Security infrastructure. Selling more firewalls etc. will not fix customers’ problems. Health checks, such as audits and penetration tests, should be offered to check the security position of any business and to find the gaps and vulnerabilities before the hackers do.

“The need to apply good IT security practices and design should be the value-add that the IT Channel presents to its customers through training, seminars and joint discussions. Unfortunately, many IT Channel partners see a breach as an opportunity simply to sell more IT security products and services, which is the last thing a customer wants to hear when their Brand, Reputation and Integrity are lying in pieces around their feet. Promoting how they will be there to help when help’s what’s needed most would be more valuable.”

Richard Stiennon, Chief Strategy Officer, Blancco Technology Group

“The IT channel has a major role to play in educating customers about data security and raising awareness of the major security risks that aren’t being adequately addressed. They’re the ones who speak directly to end-users when new technologies are integrated into the business and who are often responsible for decommissioning end-of-life assets. The IT channel has a golden opportunity to introduce best practice security measures at the point when IT structures and processes are still flexible enough to change. This is especially important in workplaces where BYOD is prevalent among employees.

“They should encourage their customers to follow relevant guidelines set by the International Organisation for Standardisation (ISO), such as ISO/IEC 27001, which includes guidelines for secure asset disposal and data erasure, and ISO/IEC 27018, which is a code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.”

Andrew Bushby, UK Director, Fidelis Cybersecurity

Andrew Bushby, UK Director, Fidelis Cybersecurity
Andrew Bushby, UK Director, Fidelis Cybersecurity

“The IT channel has a responsibility to educate customers and make them aware of the true value of cybersecurity. Indeed, there is too much focus on the fines laid out by the General Data Protection Regulation (GDPR) and not enough on the value to the business of good cybersecurity. The maximum fine may change with GDPR, but the biggest cost for companies is still the effect a breach has on reputation and profitability – i.e. TalkTalk’s £400,000 fine for the breach versus the loss of 101,000 customers and £60 million. The simplest piece of advice is for the channel to get organisations to look at the value of the data they are protecting.”

Steve Nice, Security Technologist, Node4

“The IT channel should be providing better education and guidance around security best practices in order to make customers take data security seriously. IT security should be second nature, like locking your front door when you leave the house. The channel could offer master classes/workshops to show customers how easy it is to extract data. Our managed security service clients tell us that we are identifying threats they didn’t even know existed. By arming them with the threat intelligence they need, we are creating an opportunity for them to limit the entry points for criminals. Education about the risks is key and there is still a lot more to do.”

Rob Reid, COO and Founder, StayPrivate

“IT security businesses need to offer companies solutions that protect their entire business rather than just their corporate environment. Companies have a responsibility to safeguard client data both inside and outside their firewall and, in particular, need to find a better way than (normal) email to communicate sensitive information.”

Rocco Donnino, Executive Vice President, Corporate Development, AppRiver

“Today, the IT channel is managing multiple customers with multiple network configurations. It’s vital that solutions providers and MSPs provide the right mix of cloud gateway security, secure productivity services, network security and back up, as well as endpoint protection. These solutions should not come by way of a ‘suite of antivirus or antimalware’ software within the network or appliances from one vendor, with a perceived notion value or higher margin. When there is an attack, it usually results from a single point of failure throughout the ‘suite of products’. Security ISVs must provide upstream global threat intelligence within the cloud for email, Web and network security that stops threats from entering the network for both the end-user in the network and the mobile user. Additional ‘defence in depth’ cloud-based network security, cloud-based secure productivity and back-up services, as well as endpoint malware/antivirus for endpoints and mobile devices, provide the best security hygiene against today’s threats. The benefits are that threats will be stopped upstream, data is backed up in the cloud and threats are stopped outside the organisation’s environment. Again, the right security tools are just part of the solution and best practices. Ongoing administrator certifications and end-user education are critical to stopping daily threats and mitigating risk.”

Paul Calatayud, CTO, FireMon

Paul Calatayud, CTO, FireMon
Paul Calatayud, CTO, FireMon

“The IT channel could take an active role in establishing or continuing to improve how they engage their client-base. Instead of recommending a set of technologies or services, the channel could adopt an advisory and listening approach. In order to provide the best possible security solutions, it is important to understand a client’s business, and that is best served by a ‘listen and advise’ approach.”

Please follow and like us:

Be First to Comment

Leave a Reply

2018