search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Industry Roundtable “Channel companies can scale up with the appropriate people


and solutions, they can help customers get value from technology faster. Tose partners that don’t take that approach will not stay in business.”


What industrial sectors are experiencing increased threat and challenges of cyber security? Joel Rennich: “Te challenges around security today are pretty horizontal - all companies face problems in protecting their systems. Te differences are in how many resources they have available to them to fix those problems and manage tasks. Small businesses in particular are thinly stretched, so they need the most help from service providers and partners to cope. “Small businesses need more help to protect themselves against


that increased threat that exists. Te challenge is how to make this easy to achieve.”


Matt Middleton-Leal: “We are definitely seeing a big rise in threats around the Internet of Tings. Te number of ransomware attacks that affect IoT-type environments have skyrocketed. “I think the perception is that all the hackers go aſter the banks,


because that’s where the money is. Tat’s very, very outdated. Now the vast majority of breaches appear to be in the SME market space. Attackers go aſter those smaller organisations because they know SMEs can’t invest in the tools and people to protect themselves, and there is clearly a big skill shortage. So even if you do have the budget, you can’t find the people. “Te biggest risk factor we see is not industry but capability. Tere


are attackers out there with a ‘spray and pray’ mentality, where they will just ping every organisation and look for poor configurations. Tey will go aſter the ones that have the worst set-ups in place, which will tend to be smaller businesses with smaller numbers of IT staff.”


Are there any new threats that have emerged recently? If so, what and how have these come about? Joel Rennich: “Tere are plenty of new ransomware attacks taking place. Alongside this, there are attacks on user accounts to get access to cloud services or to applications that might host financial data. Protecting accounts with multi-factor authentication is a necessary step to prevent those kinds of attacks, or bad actors can get access to those services and use them for their own ends. Tis might involve cryptomining, or using that application account as a bridge to steal information or implement a more serious security breach.”


Matt Middleton-Leal: “Tere aren’t new threats, but there are new vulnerabilities in systems which enable people to build new, more sophisticated attacks and strategies. If you look at the Log4Shell or Pwnkit vulnerabilities, those are the new risks, and the threats come aſter those vulnerabilities are discovered. It’s an arms race to see who’s going to find those loopholes. “To defend against this, it’s about getting the basics right. For


example, we still see sites vulnerable to cross-site scripting, which has been known about for fiſteen years. Tis is purely because they do not carry out the appropriate testing regimes. Applications will be released before adequate penetration testing has taken place. “Whilst a lot of this has to do with budget and skills, some


www.pcr-online.biz


organisations don’t have the money and have to go for a cheaper option. Lastly, there is always human error to consider too.”


What advice would you give to the tech channel to help safeguard their business? Joel Rennich: “Look at how you manage user identities. Tis is the starting point for successful security projects like zero trust. Tis is based on establishing a secure chain across IT resources, rather than simply trusting someone is who they say they are at the start. “If you are a MSP, then you can build out your services to small and mid-size businesses around directory and identity services. SMBs have been under-served in this market because the traditional products here like Active Directory are built for enterprises with thousands of users. Tey oſten require on-premise hardware too, which SMBs don’t tend to want today. Offering cloud directory services that can deliver user management and integrate other IT admin tasks can be a strong foot in the door with a stressed sysadmin. “Finally look at services that can increase security and, at the same


time, increase user experience. Many security tools and methods are ignored by users because they are just too complicated to use. In order to win the hearts and minds of your users, you have to offer them functionality and ease of use in addition to security.”


Matt Middleton-Leal: “Eat your own dog food! Security vendors provide these tools and they are effective. Apply those same solutions internally and make use of them to improve your approach. You should have specialists and consultants as part of your offerings and you can use their skills as part of your approach.


What new threats or challenges is the consumer industry facing in regards to cyber security? Joel Rennich: “Everyone faces attacks on their personal devices and accounts. Protecting them involves the same approach as business applications should have in place - use multi-factor authentication for your accounts where it is available.”


Matt Middleton-Leal: “Te number one risk is phishing, this is still the single biggest risk to the consumer market. It’s so widespread, because people are using their laptops to do banking and use digital services. Tere are little things that you can do, like checking for spoofed email addresses. “Te second risk is simple - people don’t update, you go on people’s


laptops and they have not rebooted it for eight or so months. And it’s got a huge stack of updates pending. So guess what? Tat machine is vulnerable.” “Helping people get their security right by making it easy and automatic can help consumers the most.”


How can businesses look to simplify their security infrastructure to manage all endpoints and areas that could come under attack? Joel Rennich: “Consolidating services will help IT sysadmins to get more done and cope with the huge amount of requests and work that they have to deal with. For example, simplifying user identity management can help those businesses reduce their costs and improve their efficiency. However, this can also be an opportunity to implement


April 2022 | 27


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52