This October marks the 20th annual Cybersecurity Awareness Month. While this may have seemed like a niche concern in 2004, today it couldn’t be more relevant. With cyberattacks on the rise and cybercriminals becoming ever more sophisticated, companies need to address online safety as a matter of urgency.
Here at Daemon, we’re committed to doing our part. As well as prioritising the safety of our customer’s data during every project, we aim to educate our clients so that they can stay safe after we’re gone. Nobody understands this better than Marc Pesier. As our Principal Cloud Consultant, Marc is instrumental in ensuring that our safety measures are up to scratch. We sat down with Marc to discuss new threats, common mistakes and how you can stay safe in 2023 and beyond.
Hi Marc, thanks for joining us. First of all, could you tell us a bit about your role at Daemon, and whether this has changed over time?
I’m the Principal Cloud Consultant at Daemon. This means that I give advice on cloud architecture, security and best practices, as well as helping to design broader digital transformation strategies. I’m also a member of our security guild. This is a cross-functional Daemon team that focuses on improving our internal security posture.
Security is definitely more of an issue now. There have been a number of high-profile ransomware attacks in recent years, and this has raised awareness of the importance of cloud security. At the same time, the growing sophistication of attacks has forced us to adopt a more proactive approach to safety.
What is the most pressing cyber security concern in 2023, and what can be done to reduce the danger?
Ransomware attacks are definitely the number one threat at the moment. Not only are these becoming more frequent, but they are also growing more sophisticated. These were traditionally focused on large businesses, but now smaller businesses are being targeted too. We’re even seeing attacks on critical infrastructure such as healthcare. This greatly increases the potential for harm, making it more important than ever to protect ourselves.
In order to do this, we need to take a multi-layered approach to security. This means combining firewalls, intrusion detection systems and more to create a sort of obstacle course for would-be attackers. We want to build an environment where attackers who break through one barrier are immediately stopped in their tracks by another.
How do you see the next few years playing out with regards to cyber security? Are there any new threats on the horizon?
The most notable trend is probably the rise of AI and machine learning. This has big implications on both sides of the security fence. Cybercriminals can use AI to launch automated attacks, but businesses can also use it to defend themselves.
Phishing attacks are one area in which AI certainly favours the criminals. Deep fake technology allows scammers to create hyper-realistic audio and video recordings, making it much easier for them to gain the trust of their targets.
These new threats have caused the security landscape to shift considerably. Where businesses traditionally used a perimeter security model that granted access to all devices once trust had been established, they are now moving towards a zero-trust framework. This means that verification is required every time a device wants to access the network.
These changes have also been driven by the widespread shift to remote working. As teams become more dispersed, extra security precautions are needed. This is especially true when it comes to endpoint and device security. In a traditional office, everyone would be working within company firewalls. Now, with so many people logging in from private internet connections, it’s vital to ensure that there are no weak links.
Connect with Daemon on Linkedin
What are the most common mistakes businesses make when it comes to cyber security? What can be done to address these weaknesses?
A lot of businesses underestimate the role of human error, causing them to provide inadequate cybersecurity training for their employees. This makes them more susceptible to phishing attacks, as employees have not been trained to recognise the red flags. They may also give excessive access rights to employees, granting admin status where it isn’t needed. This can be especially dangerous if the company doesn’t have a solid leavers process. A disgruntled former staff member with continuing access to sensitive data is something that must be avoided at all costs.
Passwords are another common area of weakness. Businesses are often guilty of reusing weak passwords, or allowing employees to use the same password for multiple systems.
Finally, many businesses fail to update their software at regular intervals. Your security systems may have been state of the art when you bought them, but they will soon become ineffective if you don’t install the latest patches.
Education is the key to improving this situation. Employees need to recognise the risks and know how to respond in the event of an attack. Training sessions are a good start, but the most effective teaching method is to simulate a cyberattack. Like a fire drill, this allows employees to practise their response to an attack and correct any mistakes.
There is also work to be done on the management side. Businesses need to make sure that their software is updated regularly using a robust patch management service. They should also ensure that passwords are as strong as possible and introduce two-factor authentication for sensitive logins. Setting up a password manager is a great way to improve password security without making life difficult for employees.
How does moving to the cloud affect cybersecurity? Is it a more dangerous environment, or are the threats just different?
I wouldn’t say it’s more dangerous, but it does present new challenges. The cloud is a shared responsibility model, meaning that both cloud providers and their customers have security obligations. The cloud provider is responsible for the overall security of the cloud’s infrastructure, but it’s up to the customer to safeguard their data, secure their applications and manage who has access to what.
There are pros and cons to this model. On the plus side, the cloud offers more robust encryption and back-ups than a physical server. Multifactor authentication is also more straightforward, making it easier to add an extra layer of security. These benefits are likely to grow over time as people become more comfortable with cloud technology. The better the general understanding of the cloud, the more confident individuals and companies will become in their security processes.
On the other hand, there is often confusion over data residency. In a multi-cloud environment, it can be unclear where data is hosted. This creates GDPR issues, as different regions have different rules about data storage. It's important to be sensitive to these differences and to clear up any confusion before it leads to security oversights.
Find out more about our cloud services:
You're a big fan of Prowler. Could you tell us a bit about how it works and the benefits it can provide?
Prowler is an open-source tool designed to assess the security of AWS environments. It scans your cloud environment, automatically identifying misconfigurations and vulnerabilities. It then uses this information to compile an in-depth report, giving you a security rating and providing suggestions on how to improve safety. This is all done in line with industry best practices, making it one of the easiest and safest ways to evaluate cloud security.
Read more about Marc’s work with Prowler
With Cybersecurity Awareness Month just ahead, what would be your advice to businesses who are worried about online safety?
Education is the key to cybersecurity. Both businesses and individuals need to understand their responsibilities, but this won’t happen without expert guidance. This is where we can help.
We are one of the country’s leading AWS specialists, having worked with a range of multinational businesses to strengthen their cloud security. My team and I can evaluate your entire cloud environment, rating you on a maturity scale and offering advice on improving your score.
This is a worthwhile investment for any company. The cost of a security breach can be huge, both financially and in terms of reputational damage. A small investment now can save a lot of trouble in the future.
For advice on cybersecurity, or for anything else relating to digital transformation, don’t hesitate to get in touch.