Cyber-crimes are committed by low-life criminals, just like robberies are crimes committed by desperate thieves. You will be surprised to know that you and the company you work for might already be exposed to cyber-attacks.
In the past year, many of us were forced to work from home due to the COVID-19 pandemic. We were not given a lot of time to prepare for this new work normal, and we might have traded the security of our company’s network while working in the comfort of our homes, putting ourselves and the company at risk of a cyber-attack.
Sumit Bansal, Managing Director for Sophos in the ASEAN and South Korean regions, stated in an interview with Timothy Go, Editor-in-Chief for Tech360.tv, that in the haste to accommodate a remote work model, many companies created new VPNs to give workers access to organisations resources and applications. Instead of company-issued devices, some employees have also been using own devices at home for work. According to Sumit, “This causes even more issues, how do you control a device that is not part of the corporate network?”
He also mentioned that the pandemic has brought the worst out of people “especially cybercriminals.” To protect yourself from such people, Sumit urged organizations to invest in the best protection technology available and make sure to turn on all protection. “Even if you buy the best protection technology, you might not have properly implemented the technology. That might leave you open to attacks.” Sumit reiterated that “is one of the protection technologies that you can find for protection of devices.” He also stated that Sophos programs cover all kinds of operating systems from mobile devices such as iOS and Android to macOS and Windows.
“An early way for a small business who doesn’t have the resources to look at all these things and have the expertise is to outsource it, Sumit advised. He further explained that companies like Sophos have services similar to their Rapid Response Services that can “stop a live attack happening within hours.” “Our trained experts are looking, hunting for any compromise or threat indicators. They can discern and act on their customers’ behalf,” he explained.
“What we do then is to do the proper maintenance to make sure that there is no other threats or indicators that we find,” Sumit stated. He then added that Sophos offers a 45-day clean-up service to guarantee the purity and cleanliness of the network when they hand it back along with recommendations on how to stop these threats in the future.
When asked on how cybersecurity and law enforcement agencies can be steps ahead of cybercriminals, Sumit answered that agencies such as Sophos have adopted Deep Learning technology – a type of artificial intelligence that “is predictive, meaning even if cybercriminals come up with a new way or a new methodology to attack customers, we’ll be prepared.” “We have solutions built that are adaptive and predictive,” Sumit said. “With the expertise that we have through our Sophos labs and Manage and Response Team, we’re able to not only warn our partners and customers about these kinds of situations, but we can also protect them against those.” He then stressed that while their protection is not always 100%, they can still considerably reduce the risk of attack.
Another method Sumit mentioned was to have a “synchronised security” system. He further explained that Sophos created an automated system for their customers where “we do detection, investigation and remediation automatically.” “Think about it this way: one compromised laptop could take about eight hours to recover. If you have a hundred users, [then] that’s a lot of man-hours to fix,” Sumit added. He then mentioned that the recovery process of a compromised laptop with synchronised security will only take 10 seconds. “Essentially, you save all that time and effort. As a user, you don’t even know that it has been remediated.”
Sumit agreed that it will take every worker or individual to protect not only themselves but also the entire system. He believes that investing in good technology, being educated and knowing how to recognise threats is very important. “Working from home can make us very relaxed; we can make mistakes sometimes,” Sumit stated. “But then there are technologies that will protect you when that happens.”
Remember: it is important to know your enemies, protect your company and protect yourself from cybercriminals who are lurking out there unnoticed.