Ignorance is bliss… for hackers

Thursday, 01 July 2021 16:47

By Woodrow Mosqueda, Bitglass

GUEST OPINION: Imagine standing in front of the CEO and company board of directors, asking them for a cheque for an obscene amount of money to pay off hackers that are holding critical data hostage and disrupting the company business.

Certainly many are cringing at the very thought of this and have blocked the uncomfortable scenario from their mind, instead hoping that the company’s current security strategy is strong enough to prevent becoming the next victim of a high-profile data breach or ransomware attack.

The fact is that while ignorance is bliss, it will not prevent this scenario from occurring. The cycle of ignorance that exists today is bad for organisations, blissful for hackers, and needs to be broken before it is too late.

My company’s CEO, Nat Kausik, has described the SolarWinds attack, detailing how once hackers were able to breach the company’s network via a compromised laptop, they were able jump freely from the company’s active directory infrastructure to the Azure active directory, and ultimately take over Office 365, where they were able to achieve full access.

This, Kausik pointed out, was due to the fact that the company employed an integrated security infrastructure approach, as opposed to a security posture comprised of independent vendors and tools.

On paper, having a single vendor for IT and security can make working life easier, such as not having to worry about interoperability issues. However, relying heavily on a single vendor infrastructure also makes life easier for the hacker.

The SolarWinds breach is a prime example of how hackers were able to ride the connected fabric of an all-Microsoft shop. This begs the question, ‘Will the developer of the infrastructure be able to see its own vulnerabilities?’ This is akin to why quality assurance (QA) and development/manufacturing/building are typically separate across any industry of choice.

That said, many organisations still rely on a single vendor, thinking they have both ease-of-use and security. This wilful ignorance, if left unchecked, can have serious implications in the future.

To deal with today’s evolving threats, it is imperative that we break this cycle. Relying on a single vendor for both infrastructure and security is not good for your business. We need to start making the hacker’s job harder and not easier. This can be achieved by employing best-of-breed security practices at all segments of the infrastructure via security products and services that are independent of the underlying infrastructure.

Failure to do so may result in that very uncomfortable talk with your CEO and board becoming a reality.

To learn how Bitglass can provide an extra layer of security on top of the Microsoft tools you may already be using, download the Bitglass solution brief on how the company’s technology complements Microsoft Security.

Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

Ignorance is bliss… for hackers