Are employees your best defence against today’s cyber threats?
In our Zoom for Thought on June 30th, 2020, UCD Discovery Director Prof Patricia Maguire spoke to Tom Keating (pictured),VP of Engineering & Belfast Site Leader, Proofpoint, asking “Are employees your best defence against today’s cyber threats?” In case you missed it, here are our Top Takeaway Thoughts.
The weakest link
Cyber attacks start with people - so your cybersecurity should too. Email is the “number one threat factor” so always “pause for thought” before clicking on links or attachments in emails. “Human beings are drawn to click those links and that’s why we take a human-centric approach to cybersecurity; because they are the weakest link for getting into an organisation”.
Healthy paranoia
Employees should have cybersecurity training that gives them “a healthy paranoia”. Cybercriminals are “very, very smart people” whose emails containing malware are “very scripted and very well targeted”. When in doubt, ask for a second opinion before you “click something or take some action that could provide a compromise”. Even if the sender is a trusted colleague but the content is strange, check with them in the real world; their email account may have been hacked.
Stepping stone
Don’t presume you are not worth hacking. Anyone can be targeted, even if you think you have no access to valuable assets, funds, secrets, intellectual property or data. Cyber criminals might be after “information about someone you know - and they’re using you as a stepping stone”.
Hacking our habits
Since the Covid-19 pandemic we have been shopping online and streaming TV in our millions. Observant hackers are now “...sending emails to fool people into thinking they are from Netflix or Disney+ or Apple TV - whatever the case may be”.
Arms race
Cyber crime is constantly evolving. “There is no silver bullet solution where we can say, ta-da!” As attackers change and adapt, security providers must too. “It’s almost like an arms race per se.” Proofpoint protects companies, organisations, their IP, data and intellectual property. “The nice thing is you’re protecting people.”
Reputation
Many companies have “gone to the wall” as a result of cybercrime - and the criminals didn’t even need to empty their bank accounts to do it. “Actually [rebuilding] reputation is one of the biggest problems.” If your clients’ private information is compromised, they may feel that “you didn’t take the appropriate checks or take seriously protecting our data”.
Cloud safety
How safe is the cloud? “If you are the classic pessimist you could say you are actually taking your data and putting it on someone else’s computer, that’s what the cloud really is.” Most people don’t mind that their tweets and Facebook posts are in the cloud. But if you are storing company information up there you need to verify that your data is protected and encrypted by the provider “and that their procedures are strong”.
Biography
With over 30 years’ experience in software engineering, product development and leadership roles in sectors ranging from cyber security, financial, computer gaming & eLearning, Tom Keating is responsible for driving the engineering strategy for Proofpoint Essentials. His team is tasked with delivering cloud-based enterprise-class security for small and medium enterprises including email security, continuity, archiving, and social-media protection.
With a proven track record in IT services, data centre and vendor management, Mr. Keating also acts as the site leader for Proofpoint’s fast-expanding Belfast operations.
Prior to joining Proofpoint, Mr. Keating held senior engineering leadership positions at FireEye and Mandiant and was IT director at Capita.
