ONKAR BIRK, SVP STRATEGY AND
ENGINEERING AT ALERT LOGIC
EDITOR’S QUESTION
The COVID-19 pandemic has had
a dramatic impact on businesses
around the world. People are being
directed to maintain social distance and
that has led many enterprises to implement
mandatory work-from-home protocols.
Although the sudden spike in remote
working poses unique cybersecurity risks,
there are steps businesses can take to
bolster defences.
Many organisations already struggled with
the complexity of hybrid or multi-cloud
environments and maintaining visibility and
effective cybersecurity. With companies
suddenly asking all employees to work from
home, there has been a remarkable surge in
the number of users connecting to company
networks and accessing sensitive data from
home computers over the public Internet.
In order to bolster security, enterprises can
start by reviewing cybersecurity policies with
employees, making sure that devices have
endpoint protection in place, leveraging
Machine Learning and user behaviour
anomaly detection to actively look for
suspicious or unusual activity and separate
the signal from the noise. Finally, enterprises
should augment technology with human
intelligence to accurately prioritise and
effectively respond to emerging threats.
Machine Learning and user behaviour
anomaly detection are essential. The ability
to quickly analyse an overwhelming volume of
signals and data and identify traffic or actions
that seem suspicious or unusual will enable
IT teams to avoid alert fatigue. Although
cybersecurity tools and Machine Learning
algorithms are useful, they alone are not
enough and the human element is imperative
too. Cybersecurity experts with the skills and
experience to recognise threats and malicious
activity are necessary to provide context and
prioritise the most urgent issues. Most small
and medium-sized businesses are challenged
to hire and retain these cybersecurity experts
and instead leverage third-party managed
security vendors to extend their own internal
security team.
Managed detection and response
capabilities in particular are effective for
detecting and responding to cyberthreats
quickly, helping security teams cost-effectively
bridge gaps and reduce the
likelihood or impact of successful attacks.
Organisations must make sure that
computers are patched and updated and
verify that devices have endpoint protection.
They should also remind employees to
be suspicious of emails from unknown
sources and to refrain from opening file
attachments or clicking on links; ensure that
workers connect to the company network
and sensitive data through secure means,
such as a VPN connection; and instruct
them to store data on company-sanctioned
cloud storage platforms.
www.intelligentcio.com
INTELLIGENTCIO