Futurex Crypto Chat with Techgardens: Security pain points, encryption, travel
Adam: Tell us about your turnkey installation and integration services.
Chris: We have learned over the years that a cookie-cutter approach does not work with cybersecurity engagements, as they are usually unique, highly technical, and critically important to our clients’ business. Instead, we take a very traditional and conservative approach that starts with a project manager and lead engineer working closely with the client to develop a detailed scope of work. Once that is completed and signed off, it is all about execution until the client is 100% satisfied with the end result. The key is to have solid, well-trained engineers that have experience in both the products being deployed as well as a complete understanding of the clients’ overall security landscape.
Adam: What are the top security pain points enterprises are facing today?
Chris: I really feel for CISOs today as there is probably no harder job in today’s business world. They have to balance an increasingly aggressive and complex threat environment with budget and skill set constraints all the while understanding that it only takes one breach to cripple a business or government entity. Unfortunately, it is never-ending and a complicated battle that is challenging organizations.
Adam: What are top cybersecurity and encryption best practices you recommend?
Chris: There are numerous tactical best practices: enforce strict password policies, utilize hardened key management devices, and protect against third-party software supply chain breaches. This is perhaps the hardest vulnerability to defend against. Fortunately, there is a technology in code-signing certificates that can prevent this type of breach and now must be included in every company’s cybersecurity playbook.
Companies must assume that they will be breached at some point in the future and have defenses in place to efficiently manage the event when it occurs. The most basic example of encrypting data at rest and in motion is security-conscious homeowners installing motion detectors inside their homes for when they go on vacation or go to sleep.
What is surprising to me, in 2021, is how many organizations only encrypt a few customer-specific fields, such as SSN, in their storage devices. It is amazing how little information hackers need once inside a network to be successful. They typically start with a single crumb and over a period of days or weeks, slowly work their way through the environment one crumb at a time, until they obtain the few critical pieces required to lock down critical data or even take down the entire infrastructure. Encrypting all data all the time will slow down the process and give security professionals time to identify and isolate the breach.
Adam: What do you see as the latest cloud security trends?
Chris: There are two that come immediately to mind. First, there is the migration of traditional private data center cybersecurity functions to the cloud. Cybersecurity as a service is growing at more than 20% yearly because it saves clients significant CAPEX and OPEX money as well as reducing the number of hard-to-find skilled security analysts. Futurex’s cloud payment HSMs are one such example of a system that historically had to be deployed in a private network but can now be purchased and available via AWS and Azure.
A second trend is the seamless integration of cloud and private data center cybersecurity environments. Historically, clients would have a completely separate security infrastructure for their AWS or Azure deployments, which added cost, complexity, and the potential for a threat actor to exploit a gap between local and cloud security environments. Fortunately, best-in-class security vendors have evolved their solutions to the point where there no longer needs to be a distinction between cloud and private network security threat management in a hybrid environment, making it simpler and less expensive.
Adam: What’s the most interesting place you have traveled to for an integration?
Chris: Travel, what a novel concept! Because of the COVID-19 pandemic, it has almost been two years since I have been on a plane. Fortunately, with the large number of cloud-based security applications and software automation, almost 100% of our deployments recently have been managed by our engineers working remotely.