I spend a lot of time talking to cybersecurity experts. Usually, those conversations are based around a specific incident in the news or about the latest study their company conducted, but every so often, I am privy to a discussion about cybersecurity in general. One such discussion was with Lee Rossey, co-founder and CTO of SimSpace.
In part, the discussion covered SimSpace’s recent partnership with Ravello Systems. The partnership has allowed SimSpace to better showcase the advantages of the cloud, such as nearly infinite capacity, availability, rapid deployment, and use of the environment when you want it, and to leverage SimSpace’s Cyber Range product.
Also part of the discussion was Rossey’s take on cybersecurity concerns. I, personally, think that cybersecurity needs to play a larger role in the presidential (and all) elections this year, in terms of national security, personal privacy, and even in terms of business growth. Rossey had some thoughts about enterprise security and what candidates should be thinking about this election season:
[There is a need for an] increased emphasis on comprehensive cybersecurity and preparedness, especially on tomorrow’s threat. Large organizations are putting the resources behind shoring things up and preparing for more sophisticated attacks. Small to mid-size organizations are not as well equipped and becoming the target. One challenge is the abundance of cybersecurity solutions now commercially available, many still focusing on yesterday’s threats, and the difficulty of assessing their relative value.
So what are some of these new threats that Rossey is seeing and how do you best approach them? He told me:
Threats continue to target end users via the typical spear-phishing and web-based attacks. This is why we believe modeling users on the range is so important to provide the network realism and means for threat emulators to infiltrate a network similar in scope and complexity as in the real world. Cyber attacks are becoming more prevalent and increasingly lethal. For example, ransomware is on the rise, while destructive and data manipulation attacks are starting to gain a wider foothold in typical networks. In response, cyber defenses should not focus strictly on detecting data leaks but to develop the ability to both fight though an attack in real time and to react to subtle data manipulations of key business systems, which in either case could have significant implications for a victim organization.
Cybersecurity needs to be a team effort if it is to be done effectively, which is why Rossey and SimSpace take the time to gather cyber intelligence from customers. Although because of the type of platform it uses, the company isn’t directly involved with monitoring the threats. However, Rossey added:
Rather we observe what is happening in the wild and listen to our customers to recreate these attacks and have our Red Teams execute them on the range to assess the preparedness of large organizations to deal with these threats in a safe and contained environment. This helps identify gaps in people, process or technology so they can focus their resources.
So what is the most important piece of cyber intelligence that SimSpace users have shared since the Ravello partnership? Rossey’s response:
We work with large organizations to prepare them against tomorrow’s cyber threats. We run them through a series of attack scenarios on a model of their network and observe their comprehensive performance along the three axes: technology, people and processes. Realistic training or, in other words, following the “train as you fight” mantra on a replica of their network against new and evolving threats helps to ensure their preparedness.
Good cybersecurity always seems to come down to the human aspect and better training, doesn’t it?
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba