A panel of experts discuss the growing problem of cybersecurity threats and how the industry is responding with new technologies, new techniques, and broadening the talent pool.
Chris Gerritz
Co-founder & Chief Product Officer, Infocyte
What is best practice for dealing with ransomware?
Ideally you want to respond so quickly to a breach of security that you purge the hacker before they can initiate the destructive ransom portion. Recent tactics in ransomware give you a window of a few hours to up to two weeks between initial entry and initiation of this ransom. Should an attacker successfully encrypt your files and ask for ransom, a professional incident response firm should be brought in to see if it’s possible to recover data. Even if not, it’s important they triage the network to remove the attacker’s malicious access as you start to rebuild.
Salvatore Stolfo
CTO, Allure Security
We don’t often think of honeypots and deception when we think of website security; how does Allure use these two tactics to protect customers?
Phishers seek identities and credentials, [and they] can net fake credentials that are stuffed into their websites — provided the decoy credentials are believable. We can do that easily when they are expecting names, email addresses, and passwords. Automation can deceive many phishers at scale, changing the economics of their activities. Cleverly designed, decoy credentials can also be used to monitor their behavior after they are stolen.
Brendon Rod
Marketing Manager, Ironscales
What is machine learning and how does it relate to email security?
In the context of email security, the biggest role that machine learning has played is in shifting the industry from a reactionary mindset to a proactive one. Phishing emails are morphing at scale, so there’s little sense in only studying malicious interactions. By crunching data from the overwhelming amount of legitimate email interactions and understanding what typically happens, machine learning empowers us to recognize and predict new deviations and attacks as quickly as they emerge.
Mark Davis
Managing Director of Fullstack Cyber Bootcamp
What are some of the biggest challenges for overcoming the skills gap in cybersecurity?
The biggest challenge is that cybersecurity is a broad field. It has many different specializations, and the material is complex and requires an analytical mindset to learn. That’s why people with the required skills are so sought after. Next, we need to expand the number of training programs available and make them more affordable. That means all types of training methods, including undergraduate degrees, graduate degrees and the emerging category of cybersecurity bootcamps.
Altaz Valani
Director of Insights Research, Security Compass
What Is Balanced Development Automation?
Balanced Development Automation directly integrates with both DevOps and security workflows by integrating security policies from industry best practices and frameworks with DevOps procedures at the code level (using just in time contextual micro-training and code samples) which reduces the noise with downstream threat modeling activities. Because of the bi-directional mapping between security policies and DevOps procedures, a real-time security posture and risk assessment is always available.