Remove the Complexity of Sophisticated Cybersecurity to Beat Sophisticated Threats

March 22nd, 2021

In a recent webinar hosted by Spiceworks titled, "Removing the Complexity of Sophisticated Cybersecurity to Beat Sophisticated Threats," Rob Knake and Rob Simopoulos explained the current cyber threat landscape. They detail how organizations without security teams can begin to gain the same comprehensive protection of larger enterprise cybersecurity solutions without the expense or complexity. Rob Knake is the former White House Director of Cybersecurity and Rob Simopoulos is a 20+ year security veteran and Co-Founder of Defendify. 

Rob Knake | Let cybersecurity policy creation under  U.S. President, Barak Obama

Advanced Persistent Threats

In the webinar, Rob Knake discussed how in recent years, cyberattacks have become increasingly sophisticated. Knake shared that he uses the term "advanced persistent threats" to describe these new cyberattacks. The reason is that the technology and tactics used to carry out these cyberattacks are more advanced, and the threats are more challenging to detect than those of the past. 

One example of a recent sophisticated cyberattack that Rob Knake and Rob Simopoulos discussed during the webinar was the Solar Winds breach. This cyberattack was a large-scale breach that impacted hundreds of sophisticated organizations, including government agencies such as the Department of Homeland Security and the Department of Defense, as well as large cybersecurity companies. Rob Knake shared that this attack, which went undetected for months, is a prime example of how sophisticated and skilled cybercriminals are. Their advanced tactics and technology allowed them to execute this large-scale attack while remaining undetected. 

While these advanced and sophisticated threats may seem daunting and impossible to counteract, there are steps that organizations without a security team can take to bolster their cybersecurity posture and prevent the harmful effects of these attacks. Many companies have antivirus and firewalls in place, but it is essential to go beyond these basic measures to strengthen the organization's cybersecurity posture. 

Employee Awareness

One crucial aspect of cybersecurity that Rob Knake discussed was building strong employee awareness around cyber threats. Human error is typically the culprit for allowing many bad actors and cyberthreats to access networks and data.

Here are three ways that Rob shared that organizations can increase employee awareness about cybersecurity threats:

Awareness Posters

Once employees move back to the office, use awareness posters with helpful cybersecurity tips and reminders around the building. This process helps ensure that the best cybersecurity practices stay top of mind for all workplace employees.

Videos

Having employees watch informative videos about relevant cybersecurity threats is another excellent way to increase employee awareness. Regular reminders and fresh content keep employees on their toes.

Phishing Simulations

Rob Knake singled out phishing simulations as an essential aspect of employee awareness training since phishing is the most common way cybercriminals gain access to your networks, systems, and data. 

Phishing simulation emails are emails that a cybersecurity company sends out to your employees without warning so that they can practice identifying phishing emails. Suppose they do click through one of these emails. A system administrator is notified, and the employee will go through a brief, immediate training to understand the warning signs of a phishing email. 

Modernized Systems

In addition to increasing employee awareness, Rob Knake shared that it is also essential to ensure your systems are modernized. While many organizations do not have the resources and a security team to do this independently, there are managed service providers skilled at helping organizations implement these changes. Rob Knake suggested that utilizing a managed service provider and outsourcing cybersecurity are excellent options for organizations who do not have the resources to modernize their systems.

While advanced persistent threats and the rise of sophisticated cyberattacks are scary, there are steps that you can take to prevent these attacks from happening. To learn more about what sophisticated cyberattacks are and more steps you can take to strengthen your cybersecurity posture, watch the entire webinar here. 


More Cybersecurity Insight Interviews with Rob Knake: