How partners can remain vigilant as cyber threats rise

Nick Hughes, sales manager at Perth-based MSSP CMTG breaks down how partners can ensure their human firewalls stay strong.

Image:
Nick Hughes, technical sales manager, CMTG

Employees and leaders are seen as the company’s human firewall and to ensure that it doesn’t come crumbling down, there are several steps partners need to take to help keep an organisation secure.

Nick Hughes, technical sales manager at Perth-based MSSP CMTG said one of the ways partners can be proactive is through education.

“What we would recommend to other partners like us is to make sure we're out there educating our end users, our customers, of the type of threats that are coming through,’ he explained.

“Whether they are news articles that go out monthly, whether it's quarterly presentations where you go to the customer, talk to their stakeholders and their internal staff. We see a lot of adoption to explain the type of threats that are coming out there and what people should be aware of and what they should look out for.”

He added, "If they get compromised at home, they should still let their employer know so that they can look at changing passwords and just doing a verification check over that customer's environment.”

Hughes noted that partners should be proactive in looking at security logs in relation to customer environments.

“Just to identify abnormal behaviour and things that don't look right. Then reach out proactively to those end users or those customers and ask if that behaviour is normal, and if it's not, look at securing that user down and resetting passwords.”

Hughes added, “It's about being proactive. If you're not proactive, likely there'll be a compromise.”

Growing in vigilance

The customers that he takes on that proactive journey are becoming more vigilant, Hughes explained.

Through running phishing campaigns and social engineering, he said they try to trick their customers into clicking things that they shouldn’t be.

“Then we send them to training to watch some videos, and then we do some more training in the office,” he said.

“But when we rerun those campaigns, and then we change the campaigns, so they look different, we're seeing that people are becoming more aware of those things, and those customers are not being tripped up as much.”

However, Hughes said regardless of a growing vigilance, partners need to stay on top of education.

“Any customers that we don't have on this yet, often we go and pitch the same service, and we go through the same type of cycle again. Where we start the process, we do the social engineering email filtering, and then we see that their users often are clicking those links and we go through that same journey.

“So, you can imagine, it's a very cyclical process that is done from customer to customer.”

One of the trends Hughes is noticing within the cyber market is an increase in AI-based attacks.

“From a cyber security point of view, we are seeing an increase in threat actors leveraging publicly available AI tools to help with the social engineering, deep fake attempts to obtain access into business environments or end users’ financial platforms,” he said.

While there is an increase in attacks and the attackers are evolving, so are the defenders.

“The cyber space is constantly evolving, and security vendors are working hard at ensuring they are ahead of any major advancements before they are released,” Hughes told CRN Australia.

He highlighted how quantum computing could make a big impact within the cybersecurity sector.

“The biggest evolution I see on the horizon is quantum computing and ensuring that systems and cryptography is ‘quantum ready’,” he said.

“I have read statements that a super computer could take billions of years to crack a 2048 bit RSA key, however, a sufficiently powerful quantum computer could do it in hours or even minutes.”

Highlights