October is Cybersecurity Awareness Month
October happens to be Cybersecurity Awareness Month. Launched 19 years ago and celebrated in October each year, represents the importance of public/private partnerships in technology, data and communications security.
“Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally.” This year’s campaign theme, “‘See Yourself in Cyber’ — demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people.”
It all ties back to this year’s CyberSecurity Awareness Month theme which reminds us that it's really all about the people. However, it's also all about the technology that we invest in to support our people’s success.
To take a step back, the evolution from an onsite work model, to the new paradigm of WFH or WFA, as well as hybrid, wasn’t without its challenges. Perhaps one of the biggest bumps along the way was figuring out how people could WFH not only productively, but securely. At the beginning of the transition, many organizations were forced to depend upon their virtual private networks (VPNs) for network access and security and then learned the hard way that VPNs were not up to the task. It became clear that VPNs were not designed nor intended for the way we work today.
"Both external and internal bad actors were and are still exploiting inherent vulnerabilities in VPNs. Instead, forward looking IT organizations have discovered the answer to the VPN dilemma. It is an innovative and highly reliable approach to networking connectivity – the Software Defined Perimeter (SDP). This approach enables organizations to build a secure software-defined perimeter and use Zero Trust Network Access (ZTNA) tunnels to seamlessly connect all applications, servers, IoT devices, and users behind any symmetric network address translation (NAT) to any full cone NAT: without having to reconfigure networks or set up complicated and problematic VPNs. With SDP, organizations can ensure safe, fast and easy network and data access; while slamming the door on potential cybercriminals.”
- Steve Santamaria, CEO, Folio Photonics
Today, a multi-pronged strategy is the most common approach to protect against cybercrime. This usually includes a mix of security software, malware detection, remediation and recovery solutions. Traditionally, storage cyber-resiliency is found in the form of backup to hard disk and/or tape. Both media have relatively short lifespans and can be overwritten at a material level. They also offer distinct advantages as well as disadvantages. For instance, tape is less expensive but it has very strict storage and operating conditions. And disk offers a potentially much faster restore time, but the cost can be exorbitant. For those that have the flexibility to do so, they may be forced into picking-and-choosing what they save, and for how long they save it.
Advice to these customers is that beyond protection, organizations must be able to detect ransomware as early as possible to stop the threat and ensure their ability to remediate and recover. A backup solution that includes anomaly detection to identify changes in an environment that warrants the attention of IT is a must. Administrators must be able to tailor anomaly detection to their business’s specific systems and workflows, with capabilities such as customizable filtering and thresholds for each of their backup policies. And, those anomalies must be immediately reported to management, as well as aggregated for future ML/analyzing purposes.