TAKING A PROACTIVE APPROACH TO RISK MANAGEMENT

CIOs and CISOs at organisations across the globe are
currently dealing with an unprecedented challenge as they
look for the best way possible to keep employees secure
and productive. David Higgins, EMEA Technical Director,
CyberArk, talks to Intelligent CISO’s Jess Phillips about
how IT leaders can best adopt a proactive approach to
cybersecurity to reduce their risk management concerns.

How have working practices
shifted to an increase in remote
access for employees and
third-parties?

Within a few short weeks, ‘business
as usual’ has become anything but.
Millions of workers have shifted to
remote work, been redeployed to focus
on evolving business priorities, or face
general uncertainty about their jobs.
As IT teams work around the clock to
execute Business Continuity plans,
cyberattackers have been working
just as hard and fast to exploit
weaknesses in these dynamic and
changing environments.

What are the security
implications of this?

As the number of employees working
remotely increases rapidly, providing
them with secure access to company
systems, applications and data from
outside their employer’s corporate
network at short notice can often result
in complications.
Remote users requiring access to critical
systems must rely on a combination of
VPNs, MFA and remote access control
solutions in order to authenticate and
access what they need.

How much of a role does
access play in enabling – or
preventing – cyberattacks?

Traditional enterprise identity
management systems and access control
solutions, for example, are typically
designed to authenticate company
employees and corporate-owned devices
in controlled environments. But what we
are seeing at the moment is that a huge
and unprecedented shift for previously
office-bound employees to work from
home has meant that IT security teams
have had to adapt quickly to onboard
new applications and services to support
remote work; collaboration tools like
Microsoft Teams, virtual private networks
and the like.
Also, employees will, to a degree, be
using their own unsecured personal
devices to connect to corporate assets.
Taken as a whole, these are much less
controlled environments.
And attackers are specifically targeting
this new situation, essentially taking
advantage of what they see as a
relatively easy way of accessing
sensitive data. Cybercriminals can see
three things that help them achieve this.
First, collaboration tools can be exploited
to provide a route to the critical data and
assets that every organisation has. This
is a very real threat. CyberArk’s Labs
team found an exploit in the Microsoft
Teams collaboration tool that meant
credentials could be stolen simply by
sending an infected image to another
user. We worked with it to close this
security hole.
Secondly, more people are accessing
sensitive commercial information from
74 Issue 26 | www.intelligentciso.com