The Record - Issue 20: Spring 2021

70 www. t e c h n o l o g y r e c o r d . c om I NT E R V I EW W ith remote work having risen sub- stantially during the Covid-19 pan- demic, cybersecurity has become increasingly complicated. According to the Cost of a Data Breach Report 2020 from consulting firm Capita, remote workforces have increased the average total cost of a data breach by nearly $137,000. Danny Jenkins, CEO of security tech- nology provider ThreatLocker, believes the best way to combat this is a zero-trust policy. “A zero-trust concept basically means start with no trust, and only apply trust where it is required,” he says. “Every time you open a pro- gramme on your computer, it has access to all of the data that you have access to. We assume that these applications aren’t going to steal our data and we instil trust in them, but sometimes they get compromised. “By implementing a zero-trust strategy, we stop applications running that aren’t needed by the business. The philosophy is to only allow what is needed, as opposed to allowing everything and then trying to look for those things that could be problematic later.” Despite its prevalence on our devices and its reputation for being a fix-all solution to cyber- attacks, Jenkins says that organisations should not rely solely on antivirus software for their cybersecurity. “Antivirus software is essentially trying to understand if something is good or bad, and then block the bad things,” he explains. “They do this by relying on a blacklist and using past expe- riences to create rules that designate applications as bad. But this creates problems in two ways. “First, if the antivirus software decides that, for example, synchronising with the internet means a cyberattack is impending, then it ends up blocking legitimate file-synchronisation tools. It is very difficult for an antivirus to tell the difference between something like Dropbox and a custom piece of malware. They do the same thing and sometimes with the exact same code. Fundamentally, it often fails.” Jenkins says that the other problem with antivirus software is that it can fail to prevent attacks that weaponise ‘safe’ applications. “For example, someone recently hacked into a water company in Florida and changed the hydro- gen chloride levels to 11,000 parts per million, which is essentially poison,” he says. “They did this using a remote access software. They didn’t need malware, so the antivirus didn’t detect it.” Cybercriminals are changing their tactics all the time and, using zero-day attacks, they are exploit- ing software before or as a patch is released. “These attacks are generally known about before a programme has been patched,” says Jenkins. “A lot of cybercrime revolves around providers not patching their systems. But when you have a zero-day attack, it doesn’t matter how good your cyber hygiene is, how well you patch your systems, you’re still vulnerable.” But organisations can mitigate the risk of these attacks. “Although these attacks exist, you should still patch your systems to avoid non-zero-day attacks,” says Jenkins. “But you should always assume that your network and infrastructure are compromised and impose controls inside your environment that restrict movement once somebody gets in.” Cybercrime is one of the biggest threats facing businesses today. ThreatLocker is helping customers understand and improve their security environments and practices Trust in cybersecurity BY E L LY YAT E S - ROB E R T S “The most likely way to go out of business in 2021 is a cyber breach” DANNY J ENK I NS , C EO, THR E AT LOC K E R