In an exclusive interview Candid Wuest, VP of Cyber Protection Research at Acronis, discusses why it is crucial to have a backup and disaster recovery in place and organisations should focus on training their workforce with the latest tools.
How can enterprises achieve security and agility in a dynamic landscape?
With the constant lack of resources to fight the growing wave of cyberattacks, it is important to automate the software stack where possible. This means solutions need to be integrated to correlate events across silos and make informed decisions. It also means that the complexity needs to be reduced. In a recent Acronis survey, 21 per cent of the respondents said that they are using more than ten different security solutions in parallel. This results in a lot of complexity, making it harder to automate and increase the risk of mistakes.
As many businesses are working remotely, how has this impacted cybersecurity?
The shift to remote working clearly tremendously increased the risk in regards to the access to an employer’s network through the security weaknesses of employees. Furthermore, attackers surfed on the emotional side of COVID-19, putting together very efficient attacks and used the governments’ communication as a door to enter businesses’ cyberinfrastructure.
What are some of the industrial sectors that Acronis caters to?
Acronis’ products are not limited to any industry. Our solutions are tailored to just about any business profile and any individual — from an SME to an enterprise and from a student to an independent professional — as everyone can be a target of cyberattacks. Regarding sectors, we have customers in key industries in the Middle East such as Oil and Gas, government entities, Energy and supply chain.
Also Read: Top Global CyberSecurity Influencers
How are cyber threats becoming more sophisticated? And how are companies preparing?
Today, companies base their key decisions mostly on data, and they need to be able to trust this data. Cybercrime is a growing threat, but cybercriminals are using smarter approaches because people are becoming more and more cautious. Companies should focus on training their workforce with the latest tools, and decision-makers need to be comfortable using data processing tools as well as not rely on staff for analysis. It is not only a matter of security experts and IT professionals. Everyone in an organisation is a potential risk and should be kept informed of risks and avoid them.
What should cybersecurity companies do to protect Customer Identity Information?
Sensitive data, including customer data, needs to be protected at all times. This starts from knowing where it is collected and stored and maybe even verifying if it is required to be collected. Furthermore, access needs to be restricted and monitored, so that unauthorised or suspicious access can be detected. Unfortunately, we still see that cloud instances such as ElasticSearch DB or AWS S3 buckets with sensitive data are accessible from the Internet by anyone. Such configuration mistakes need to be prevented.
Explain SAPAS, what’s the vision behind it?
We have developed a holistic approach to cyber protection composed of five vectors: Safety, Accessibility, Privacy, Authenticity and Security (SAPAS). This allows for a well-rounded, comprehensive protection experience beyond traditional backups or classical anti-virus solutions that only focus on one part of the situation. Businesses and individuals need to evolve to cyber protection to anticipate and defeat cyber attacks. That is why behavioural anti-malware like the one found in Acronis Cyber Protect Cloud with Active Protection has emerged as an important defence against hackers. Active Protection uses artificial intelligence and machine learning to identify malware by how it behaves, looking for suspicious activities instead of matching it against a known threat database.
Also Read: Winning Cybersecurity Like a Gamer
Acronis recently released an advanced protection pack for Acronis Cyber Protect Cloud. Tell us how important it is for companies to protect themselves from email-borne threats.
Most threats come from emails and unpatched systems and software, allowing targeted malware attacks. Acronis protects its customers from such threats through integrated cyber-protection software. It can disrupt these attacks at various stages depending on the attack at play, providing defence in depth. First, it provides patch management, helping to ensure that the software is up-to-date. Then, if the attack still happens, it stops the malware from running using both the traditional signature-based approach and modern AI-based detection.
Finally, if none of the protections worked for some reason and, unfortunately, your data is encrypted, it still allows recovery from secure remote backup. So, in 2020, following the hit on the world by the pandemic, we launched Acronis Cyber Protect Cloud, the only complete Cyber Protection solution tailored to improve remote work data protection and cyber security. Indeed, 36 per cent of respondents in UAE said that the biggest IT challenge their organisation has faced during and following the shift to remote work was securing data of their employees remotely, and 45 per cent said that their organisation experienced data loss which resulted in business downtime. New cyber threats require new tools and active protection.
How important is it to have a backup and disaster recovery in place with many companies migrating to the cloud?
Patching, using strong authentication, and employing strong malware protection are still the most important measures to take. Most attacks are still falling in the category “not sophisticated” and are due to human action: they start with a phishing email, with an easy to guess or a reused password known to attackers from another compromised source or an old and forgotten service exposed to the internet. Then, attackers start stealing the data or gaining enough access to run ransomware. The easiest way to avoid damage is to stop the attack before it begins with preemptive measures or at the initial point when it starts, but of course, in-depth defence or forensic is essential. Furthermore, a disaster recovery (DR) plan is always a good idea, and its objective is to ensure that you can respond to a disaster quickly and seamlessly while minimising the risk and cost to your information systems and business operations. DR is now easier to use and can be rapidly implemented by workload and location. By tiering your applications and departments by criticality, you can provide different services based on the organisation’s needs.
What is that one motivational quote you live by?
Always be curious and ask questions, but never give up.