Futurex Crypto Chat with Help Net Security: Getting a Handle on Cyber Threats, Cloud Security, Passwordless Authentication
Ryan: What interesting cybersecurity trends are you seeing across industries?
Mirko: Since remote and hybrid work took off, security teams have been struggling to secure increasingly challenging working environments.
New technologies are being created to enable security leaders to keep up with a scattered workforce, but the implementation of any solution can be a problem when dealing with a vast array of hardware and software in use. Overworked IT security teams dealing with burnout show that the struggle is real.
When you think about sensitive data you’d like to keep as secure as possible, medical data is at the top of the list. For obvious reasons, telehealth has become the norm, and healthcare organizations are investing heavily into bulletproofing their IT infrastructures. Not only are they dealing with an expanded amount of data, but a surge in targeted cyber attacks has been wreaking havoc on hospitals worldwide. All of this has led to faster adoption of emerging security technologies.
Ryan: What are the biggest cybersecurity challenges globally?
Mirko: If you look at all the breaches that occurred in the past year, many occurred because organizations have been lazy about their cyber hygiene.
We hear about AI becoming more advanced, we anticipate people to immerse themselves in the metaverse in the next few years — all of these exciting things are being built, yet we’re still ignoring security basics.
Until we figure out how to get users to avoid reusing passwords, how to patch our systems on a regular basis, and know exactly what’s in our IT infrastructures, our cybersecurity challenges will remain the same.
Ryan: How can industries get a handle on cyber threats?
Mirko: A great deal of cyber threats stem from a complete misunderstanding of the importance of cybersecurity for business.
Information security is still not viewed as a business enabler, and CISOs have a hard time explaining security ROI. We’ve seen it countless times: a huge breach makes headlines, the affected company pours millions into plugging the hole and dealing with the aftermath. At the same time, the breach itself could have been prevented with a small percentage of the money spent on the fallout.
The fact remains that the C-suite mostly does not understand the nature of cyber risks, and therefore they can’t comprehend the scope of the problem. Once we get management on board to allow security teams to focus on effective prevention instead of acting like firefighters, we’ll be able to get a handle on cyber threats.
Ryan: What new cybersecurity developments are you expecting in 2022?
Mirko: I expect to see a lot of happenings around zero trust, passwordless, cloud security, and infosec skill development.
The past two years and a huge shift to hybrid workplaces have seen an accelerated adoption of cloud technologies in organizations of all sizes. This created more awareness around cloud security technologies and the need for zero trust.
Overworked security teams have been dealing with issues around passwords, so the adoption of passwordless authentication has been gaining steam, with organizations starting to take it seriously. I expect passwordless authentication to become common sooner than later.
The result of an enormous skills gap and good earning potential in the cybersecurity industry have propelled more people than ever to join the industry. While in lockdowns around the world, people have been working on their infosec skills through online training programs. Organizations have increased hiring and getting people up-to-speed with new technologies is essential. So, skill development is going to be an area that will see a lot of growth, especially when it comes to gamification.
Ryan: What is your favorite (or most useful) technology and why?
Mirko: Definitely my iPhone. When I look back 15 years ago, I used to carry around my laptop, a camera, one or two lenses, a phone, and sometimes a GPS unit.
Nowadays, I can do a lot of work using just my iPhone: I can shop, email, collaborate with the team, take photos and videos, edit them, post on social media, use GPS to find specific locations, listen to podcasts, edit PDFs, sign documents, and so much more. I went from a backpack filled with technology to having one small yet powerful black brick in my pocket. For me, this device is priceless.