Cybersecurity Question of the Month: May

Posted by Fuel HQ on Jun 19, 2017 8:00:00 AM

Each month, we ask Fuel members to weign in with their opinions on the Cybersecurity Question of the Month, and we’re sharing their answers here.
 
Darrin Freeman, a network engineer, is a member of Fuel's Networking & Connectivity SIG. Darrin shared his thoughts on the most recent Cybersecurity Question of the Month.

Cybersecurity professionals are expecting ransomware to grow more aggressive in the coming years, including higher ransom payments and attempts to go beyond attacking data — by shutting down entire computer systems to utilities or factories. However, a key concern is that ransomware will start targeting critical infrastructure.

Too many important computer systems are also connected to the internet — when they shouldn’t be. Businesses are also failing to properly segregate their computers from other processes. When a ransomware infection hits, it has the potential to shut down the entire operation.

How do you think ransomware attacks will evolve further? What steps have you taken within your organization to formulate a recovery plan to avoid downtime?

Fuel Cybersecurity Question of The Month

DarrinI expect to see more intelligently deployed ransomware moving forward. The latest dust up with WannaCry shows how devastating it could be, which will attract the groups that do this — more for a profit than just to see if they can. The targets will be changing as well, not going after the big Fortune 500 companies that have invested in securing and protecting their data, with security response teams on retainer to start fixing and tracking hacks within a couple of hours.
 
The targets are going to be the small- to mid-sized businesses, big enough to have extensive computer systems to keep their businesses running, even having good IT teams to take care of them, but not having the resources on hand to handle an emergency crisis like a ransomware attack. Maybe not even realizing how crippling it could be to lose all the computer systems.

I know we are now starting to realize what a threat this is to our business, and we are working on ways to protect and mitigate damage from a ransomware attack. The main things we are doing are:

  • Trying to educate users and establish good computer habits;
  • Ensuring we have good backups of data on a regular basis;
  • Patching systems as quickly as possible and isolating systems that can't be; and
  • Improving end point protection, workstation management solutions and internal segmentation. 

Now, with this all said, I still expect to have to deal with a ransomware crisis here. No matter what actions you take, you're at risk, and will get hit with something, so also make sure to manage expectations. Always make sure that upper management understands that you are doing everything you can to protect the company's assets, but nothing is foolproof, and that when the worst happens, you have a plan to start getting things back up and running in a timely manner. 

About our contributor:

Darrin FreemanDarrin Freeman, a network engineer and Fuel member, has been using Palo Alto Products since 2013.                                                                                                                                                                   
 

Check Out Our Next Cybersecurity Question of the Month

Weigh in with your opinions and we'll share your answers in a roundtable format on Fuel for Thought. It's an easy, quick way for you to share your expertise and make a contribution to the Fuel community!

Topic: A new report from Cybersecurity Ventures estimates there will be 3.5 million unfilled cybersecurity jobs by 2021, up from 1 million openings last year. In 2017, the U.S. employs nearly 780,000 people in cybersecurity positions, with approximately 350,000 current cybersecurity openings, according to CyberSeek, a project supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology (NIST) in the U.S. Department of Commerce.
 
With growth in cyber crimes hitting all industries and businesses of all sizes, companies need to start making investments in hiring new security talent and improving infrastructure.

How do you think organizations should approach closing the cybersecurity skills gap? What areas would you recommend cybersecurity professionals focus on as part of their continuing education efforts?

Share Your Thoughts

Share your answer in the June 2017 Cybersecurity Question of the Month thread on the forum.

Topics: Cybersecurity, Hot Topic, cybersecurity question of the month, cybersecurity skills gap, skills shortage

Posts by Topic

see all

Subscribe to Blog Updates

Recent Posts

Posts by Topic

see all