Having been in the information security field for many years, I have seen tremendous advances. Technologies like artificial intelligence and machine learning, that seemed like science fiction only a few decades ago, are now commonplace.
However, not everything has progressed in a positive direction, including the cyberthreat landscape. Today’s cybercriminals are motivated by money and use sophisticated and stealthy campaigns to steal valuable data and commit identity theft. The overall financial damage caused by cybercrime is projected to reach $6 trillion by the end of 2021 according to Cybersecurity Ventures, which is double that of 2015.
Another big change that I have seen over the years is that cybercriminals are increasingly targeting small and mid-sized businesses (SMBs). The reason for this is simple: compared to larger enterprises, SMBs have weaker – and in some cases, non-existent – cybersecurity defence systems. It is therefore much easier and highly profitable for hackers to attack smaller organisations.
Customers often ask me what tools they should use to efficiently and cost-effectively improve their current security posture, and ultimately safeguard their data, employees, customers and reputation. The fundamental tools that I recommend are a centralised remote connection manager, a Privileged Access Management (PAM) solution, and a bastion server.
A centralised remote connection manager handles credential management in a secure manner and generates visibility to monitor and enforce compliance. At the same time, it supports extensive and customisable workflow automation, which reduces the risk of accidental data leaks caused by human error or negligence.
A PAM solution delivers real-time alerts and notifications regarding login attempts, along with advanced workflows where approval is necessary prior to accessing a resource. I cannot overstate the importance of a PAM solution, considering that 74 per cent of data breaches start with privileged credential abuse, according to Securis.
A bastion server prevents hackers who breach an endpoint from moving laterally across the network and accessing core servers in the infrastructure. These are crucial given the growing number of third-party supply chain threats, such as the recent Solorigate/Solarwinds attack that many have called the most sophisticated cyberattack in history.
The bottom line is that while technology is getting better and better, cybercriminals are evolving and innovating as well. All organisations need to improve their security posture now, not later. The costs and consequences of getting hacked can be catastrophic.
Maurice Côté is the vice president of business solutions at Devolutions
This article was originally published in the Summer 2021 issue of The Record. To get future issues delivered directly to your inbox, sign up for a free subscription.
Share this story