Eugene Kaspersky is the chairman and CEO of Kaspersky Lab.
He began his career in cybersecurity “accidentally” when his computer became infected with the Cascade virus in 1989.
“Eugene’s education in cryptography helped him analyse the encrypted virus, understand its behaviour, and develop a removal tool for it,” said Kaspersky Lab.
After removing the virus, Eugene started analysing more malicious programs and developing disinfection modules for them.
This became the foundation for Kaspersky Lab’s antivirus database.
MyBroadband spoke to Kaspersky about the threat landscape in today’s world and what companies need to watch out for.
What are the biggest IT security challenges businesses currently face and how can they be managed?
We have noticed that businesses tend to spend 80% of their security budgets on trying to prevent security breaches, and only 20% on predicting, detecting, and responding to attacks – and that’s just the tip of the iceberg.
Having served the cybersecurity industry for over two decades, the top three IT security challenges that keep cropping up include, but are not exclusive to:
The traditional view of cybersecurity
When it comes to protection, many businesses still have a very traditional mindset that cybersecurity only entails a firewall, an antivirus solution, and some Internet filters – but this mindset needs to change.
Cybercriminals continue to find new ways of attacking companies; therefore, businesses should move away from this traditional form of thinking. While IT security departments strive to mitigate and guard the IT system of the organisation, they need to take a complex approach to cybersecurity that includes strong, and at the same time easily manageable, security solutions, employee education, and security policies that are regularly assessed.
IT specialists also need to remember that top management are employees; therefore, the same message that is shared with employees regarding IT security should be shared with them.
Security education within the organisation
While security education within organisations is a challenge, cybercriminals will continue to leverage this. Business environments have quickly transformed into digital hubs because of the rapid growth in technology and given birth to trends such as Bring Your Own Device (BYOD) and Bring Your Own Technology (BYOT).
According to our survey, 76% of South African companies have seen an increase in the use of smartphones for work over the last three years. The benefits of these trends are great; however, employees need to understand the basics when it comes to cybersecurity.
So, implementing a BYOD/BYOT policy that provides great tips on how to spot phishing emails and the latest malware, as well as to prevent loss of confidential information, would be a good start.
IT systems are developing and so should security systems. That is so true, for example, if we talk about small businesses growing and enterprises opening new branches.
What are the most important steps a business must take to ensure their systems and online presence are secure?
Businesses need to understand that threats targeted at them will bring tangible losses – not only financial losses, but losses to the company’s reputation. To ensure that the company systems and online presence are secure, our security experts advise the following:
Conduct a security assessment of the control network (security audit, penetration testing, gap analysis) to identify and remove any security loopholes. Audit installed software – not only on endpoints, but also all nodes and servers in the network, and keep it updated.
Use a strong security solution.
Train your employees, paying special attention to operational and engineering staff and their awareness of recent threats and attacks.
What are the biggest cyberthreats businesses currently face?
There are numerous potential cyberthreats to businesses; however, the top three categories of these threats that we want businesses to be aware of include:
Ransomware – We recently discovered an emerging and alarming trend: more and more cybercriminals are turning their attention from attacks against private users to targeted ransomware attacks against businesses.
Data storage protection – Organisations accumulate more and more data, which should be secured properly, regardless of whether it is stored on their server or in the cloud.
Targeted attacks – Targeted attacks can be aimed at any organisation – even an SME if it is a vendor that can lead cybercriminals to their objective. Businesses should know that even the most dangerous targeted attacks can be blocked using existing technologies; effective deployment of these technologies is what matters. And different security methods have to be implemented in a multi-layered fashion. Then, combined, they will help you safeguard your business.
For enterprises, there are specialised solutions such as the Kaspersky Anti Targeted Attack Platform, which delivers a detailed view into what’s happening across a business’s IT infrastructure.
Are individual users or a company’s systems usually the target of attacks on businesses, or is it a combination of the two?
With the proliferation of technology, it is a combination of both.
From an individual point of view, cybercriminals know we are digital natives, and with each passing day we put more of our lives online. We connect to the web for instant fulfilment because we want convenience. Sometimes this comes at the cost of losing personal information such as images, identity theft, and this makes us all targets for cybercriminals if we are not protected.
From a business perspective, cybercriminals’ tactics never grow old – they are either using sophisticated methods with a tweak, or tweaking old methods.
For example, we discovered a series of “invisible” targeted attacks that use only legitimate software – widely available penetration-testing and administration tools as well as the PowerShell framework for task automation in Windows – dropping no malware files onto the hard drive, but hiding in the memory, which was a slightly new method.