With data hacks on the rise, CyberGhost spoke with Dmitry Nikolaenya, Head of SIEM Department at ScienceSoft, a leading cybersecurity provider, to get a better understanding of the leading cyberthreats that target SMBs, how his company helps protect its users, and helpful tips for securing your network.
1. Dmitry, can you briefly tell us about your company’s core services and what makes ScienceSoft special?
ScienceSoft has been in cybersecurity since 2003 – that’s almost two decades. Over this time, we’ve learned one thing about IT security: there’s no one-fits-all solution. So, the best thing we can do is always stay on top of our game and offer a holistic, but tailored approach to each of our clients. We factor in every aspect of their IT security and all the possible threats they may face, then customize their security controls to offer the most pragmatic answer to their specific problems.
Right now, we offer a full range of security testing and consulting services and flexible cooperation options. Plus, we believe in long-term business connections built on trust and mutual value. We have clients who have been with us for over 5–10 years, and our partner network includes IBM, AWS, Microsoft, Cisco, Oracle, and more global tech leaders.
2. It seems like data hacks are on the rise. How does ScienceSoft help secure a company’s data?
To meet all of our customers’ security needs, we’ve assembled a strong, multi-skilled cybersecurity team. To ensure advanced threat detection, investigation, and response, the experts from my department deploy and fine-tune SIEM solutions that collect and analyze log data from the entire IT environment. We also offer consulting on SOAR technology. It enables integrating security tools in a centralized system and automating security operations for speedy and efficient threat hunting and security incident remediation.
Our security testing engineers, which include Certified Ethical Hackers, provide vulnerability assessment, penetration testing, source code review, and social engineering testing to proactively identify vulnerabilities in software and IT infrastructure, as well as unsafe employee behaviors that can lead to data breaches.
Plus, our compliance consultants are ready to ensure that an organization has all the necessary data protection security policies, procedures and technologies in place to comply with key data security standards and regulations such as HIPAA, PCI DSS, GDPR, and others. We are ready to implement all necessary data protection mechanisms for networks and applications: access control, authorization, authentication, encryption in transit and at rest, masking, integrity checking, backups and secure deletion.
3. What are some of the biggest cyber threats that target SMBs that you’ve seen, and is there any way to prevent them?
Owners of smaller businesses may mistakenly think that hackers only attack large companies. In reality, SMBs are a very common target: while they often have the valuable data that cybercriminals hunt for (financial information, personally identifiable data, intellectual property, etc.), they are likely to lack the necessary cybersecurity skills, policies, and tools to reliably protect this data. The most common threats that these companies face are phishing attacks, malware, including ransomware, and security breaches due to human error.
To minimize the likelihood of a security breach, SMBs should therefore first and foremost build a security culture within the company: raise employees’ cyber awareness through training and conduct social engineering tests to see how well they can respond to real-world attacks. Up-to-date security tools (e.g., firewalls, antimalware, IDS/IPS, SIEM) that help prevent or detect malicious activity are definitely a must for a company of any size.
To build a well-rounded IT security system, SMBs should undergo a comprehensive security assessment of their IT environment. It will help identify weak spots (poor or missing security policies, network or software vulnerabilities) as well as define and prioritize the required remediation measures. Having their IT security managed by a reliable vendor is often the best strategy for SMBs, as it gives easy access to a vast pool of advanced cybersecurity skills and tools while offering affordable pay-as-you-go pricing.
4. I see that ScienceSoft has a division that works with mixed reality – can you talk about some of the cybersecurity challenges that occur in this realm?
Mixed reality apps often gather a huge amount of personal data about their users: their location, surroundings, activities, even health information. As the devices that support MR (smartphones, headsets) commonly rely on Bluetooth and Wi-Fi, hackers can perform man-in-the-middle attacks to intercept sensitive information. Depending on the kind of information they manage to get, they can use it for sophisticated social engineering attacks, identity theft, or even to blackmail the user.
Plus, malicious actors may disrupt the availability of MR infrastructures with ransomware and DoS attacks or manipulate the mixed reality content – that can endanger critical operations like surgical procedures or safety checks at manufacturing sites.
5. Do you have any tips or practices that the average user or business can implement to secure their network and protect their data?
To protect yourself against data breaches, it’s important to follow these best practices:
- Take an inventory of all the accounts, software, and devices you use. Regularly update your security tools and any other software you use as outdated apps usually contain vulnerabilities. Delete unnecessary accounts and applications.
- Enable audit logging on each and every device within the corporate infrastructure. Implement centralized log storage or preferably a full-fledged SIEM solution to receive and analyze log data in real time, store it securely, and create compliance reports when needed.
- Establish strong authentication mechanisms. Set up complicated passwords, change them regularly, store them securely in a reliable password manager of your choice. Use multifactor authentication wherever possible.
- Encrypt your data and make regular backups of it. Make sure your backups are located on the subnet with the most restrictive access, and the credentials needed to access them are different from the original system.
- Beware of suspicious emails: don’t follow the links, download the files, or fulfill the instructions they contain.
- Apply a restrictive BYOD policy. Pay attention to WLAN access policies, enable certificate-based authentication and MAC filtering.
- Use a corporate VPN or a VPN by a trusted provider for additional security, especially when connected to a public Wi-Fi network.
6. Why is a VPN such an essential online security tool for businesses and individuals?
I would recommend using a reliable VPN to anyone who cares about their privacy and security online. By establishing an encrypted connection and masking your IP, location, and browsing history, a VPN protects the data sent and received with your device and makes your online activity harder (but not impossible!) to trace. A VPN is a must-have for businesses that rely on remote and hybrid work, as it ensures secure access to corporate resources from anywhere.