01732 759725
VOX POP
36
Cyber Security
Barely a day goes by without reports of another major cyber breach.
Technology Reseller
asks who is to blame and what the IT channel should be doing to
protect customers
Richard Stiennon
,
Chief Strategy Officer
,
Blancco Technology Group
“The burden of protecting data – and
preventing a data breach – shouldn’t
fall onto one single person, team or
stakeholder. Instead, it should be a
shared responsibility between the owner
of the data and any managers of the data
(i.e. solutions providers, cloud storage
providers, data centres etc.).
“To start, IT departments must take
responsibility for knowing what types of
data are stored by the organisation – both
on premise and offsite by cloud storage
providers and in data centres. This group
should also take the necessary steps to
educate their end users on how data must
be managed at every stage of its lifecycle.
“In turn, solutions providers, resellers
and VARs can find themselves at risk
of data exposure/leakage if they don’t
clearly communicate the data security
precautions they’re providing and not
providing. For example, many resellers
often overlook the need to erase data
when hardware is decommissioned.”
Andrew Bushby
,
UK Director
,
Fidelis Cybersecurity
“No one is specifically to blame for the
rise in data security breaches. End user
awareness is key for smaller, mistake-
based breaches. However, the blame for
larger scale breaches should be placed at
the doors of the perpetrators. This does not
mean that solutions providers, resellers/
VARs, IT departments or end users are free
to do nothing. They need to go beyond
tick box compliance to deploy true threat
detection solutions that care about both
the prevention and detection of threats,
and it falls on the heads of the IT channel
to truly educate IT departments on the
need to go beyond the old basics.”
Steve Nice
,
Security Technologist
,
Node4
“Cyber criminals are to blame for the rise
in data security breaches. If a burglar
broke into your house, you wouldn’t blame
the lock manufacturer would you? However,
while more needs to be done to capture
and prosecute the criminals, everyone has
to take some responsibility for reducing
the security risk. We have identified a huge
market opportunity for solutions providers
to develop innovative new security services
that resellers and VARs can take to market.
“We have put together a managed
security service with several components,
including threat intelligence, vulnerability
assessment and penetration testing,
so that the channel can add their own
expertise and create a solution tailored
to each client’s needs. Ultimately IT
departments and end users have to use
these tools in accordance with their best
practices and follow the rules. We are
seeing too many breakdowns throughout
this chain, which inevitably leads to a
security failure. The channel has a huge
opportunity to address this issue head-on
by delivering the security services and
expertise that businesses need.”
Rob Reid
,
COO and Founder
,
StayPrivate
“It sounds rather like an answer that is
designed to avoid addressing the question,
but ultimately we are all to blame and
not necessarily through our own fault, as
the internet, big data and social media
have made the made the digital world
an increasingly complex place. As a
consequence, we are all still coming to
terms with what new technology is capable
of and what it means for information
security and privacy. The more data is
disseminated and stored on the internet,
the more security is becoming a real
issue.”
Part I
Who’s most to blame for the rise in data
security breaches: solutions providers,
resellers/VARs, IT departments or end
users?
Roy Duckles
,
Vice President of Business
Development
,
Positive Technologies
“Our research shows that there are a
number of weaknesses when looking at
enterprise network infrastructure protection.
While many systems are better protected
externally, they are still susceptible to
internal attacks. A leading vulnerability on
the network perimeter is outdated software,
and in internal networks, account and
password management flaws. The number
of employees who click through to external
sites is growing drastically, and the security
level of one third of wireless networks is
below medium.
“As a company we have tested the
infrastructure of several large enterprise
companies. We found that 76% of the
systems allowed a hacker to gain complete
control over certain critical resources, and
in 35% of systems, these privileges were
available to any attacker acting from the
outside. It was impossible to gain control
over critical resources in only 24% of
cases. These results actually indicate an
increased level of security as compared to
the results obtained in 2013 and 2014.
A hacker could take full control over the
whole corporate infrastructure in 50% of
the systems under analysis. In 19% of
cases, an external attacker could gain such
privileges, and in 31% of cases, an insider
from a user segment of the network.”
No one is
specifically to
blame for the rise
in data security
breaches.
End user
awareness is
key for smaller,
mistake-based
breaches
Roy Duckles,
Vice President of Business Development
,
Positive Technologies
Richard Stiennon,
Chief Strategy Officer
,
Blancco Technology Group
