Today we talked with Sergey Akchurin about CyberSecurity in the present days.
We help companies become cyber resilient and help them maintain balance between safety and flexibility.
1. What do you think are the biggest threats for companies at the moment, and what are common weaknesses in IT security strategies?
The main threats for the companies are:
- data leakage due to the non-secure remote connection to the IT assets and services
- disruption of services and personnel availability due to the not redundant home environment (electricity, internet connection)
- the vulnerability of corporate devices in the home network (not configured routers, smart IoT devices in the network, physical access of third parties)
The main reason for that is most companies were not ready for such a scenario, and disaster recovery and business continuity plans were not in place.
2. What is the key to good CyberSecurity?
The key element of cybersecurity today is personnel acknowledgment of their essential role in business cyber resilience.
That’s why it is crucially important to pay special attention to personnel cybersecurity awareness in order to assure it’s sufficient level, especially during work from home period.
Second, but not less important, is proper re-configuration of the company’s information environment, considering new challenges and threats.
3. Is there a security skills gap right now? Do you think companies should invest more in security training?
For sure! It is a fundamental activity nowadays because now the security of corporate devices and data is the responsibility of every employee. Meanwhile, the business must provide personnel with proper information and guides to enforce security measures at home.
4. Do you have any tips on how to protect personal data?
Quite simple and well-known recommendations still work:
- Full-disk encryption of corporate devices
- Strong password policy and authentication rules
- Obligatory multi-factor authentication to the services with sensitive data
- Do not store sensitive data on any devices (corporate or own) locally, perform all tasks remotely in cloud or in secure company’s environment
- Establish a secure connection to the on-premise systems and cloud services with sensitive data
5. Do you think that users are getting more tech-savvy?
Yes, but the trend is on the same level as before. Users, that are not deep technical guys, still have not become security “stars”. However, they pay more attention to their security for sure and request support from IT and security experts more often.
6.If you had to recommend another expert in cybersecurity to follow, for example, on LinkedIn. Who would that be?
Serhii Akchurin – https://www.linkedin.com/in/akchurinsergei/
Vitaliy Yakushev – https://www.linkedin.com/in/vitaliyyakushev/
10Guards – https://www.linkedin.com/company/10guards/