Presidio celebrates Cybersecurity Awareness 24x7x365, but we especially love Cybersecurity in October. Cybersecurity & Infrastructure Security Agency (CISA) just closed out its 18th year deeming October as the month to bring awareness to the importance of cybersecurity. 18 years ago, the internet was in its infancy. Now, it is a part of everyday life.
CISA continues the theme of “Do Your Part. #BeCyberSmart”. Presidio does its part by being trusted advisors to our clients in the cybersecurity space, but we also launched our own Cybersecurity Month Awareness campaign to highlight areas such as Zero Trust, Ransomware, Identity and Access Management (IAM), and Cloud Security!
If you missed out on our posts and events this past month, check out our recap below.
Ransomware Fireside Chat
We hosted Ethical Hacker, Bryan Seely, in this exciting roundtable with Presidio’s Dave Trader, Field CISO, and Zscaler’s Danny Connelly, CISO- AMS, both of whom are also trained as ethical hackers. These three cybersecurity experts brought forth two perspectives to cybercrime: that of the offensive and of the defensive. They agreed that the challenge of being on the defense is that a threat actor only needs to be right once to infiltrate a system, whereas the security practitioner needs to be right all the time to defend against all types of attacks. As an attacker, your success rate can be much lower. It only takes one foothold to start on the journey.
Key takeaway: There are things individuals and organizations can do to help reduce the risk of attack. Turning on Multi-Factor Authentication (MFA) on all your accounts can make a huge impact in upping your defense against ransomware. Additionally, consider upgrading your old cybersecurity controls and protections, such as VPN (hint: Presidio can help assess your current situation).
“You need someone on your staff that goes to DefCon” – Bryan Seely
Cloud Security Executive Panel
It is not often you get to sit down with Co-CEOs to talk Cloud Security, but that’s exactly what we did during this panel! Troy Gerber, Cloud Security Consultant, and Dave Trader, Field CISO were joined by Lacework Co-CEOs David “Hat” Hatfield and Jay Parikh. The conversation was moderated by Jon Jensen, VP of Cybersecurity. This group discussed threats they see customers face in their Digital Transformation journeys, gaps they see in security controls, and other issues they see customers deal with within cloud security.
Key takeaway: Keeping up with requirements in the cloud can be a burden on teams. Moving to the cloud though should also be a move away from manual work. Automate! The cloud can be a challenge for SOC teams, but it is also an opportunity. The cloud provides a central control plane and excellent logs on what’s happening. Leveraging this is an opportunity for SOC teams to become an enabler of technology.
“It’s the fundamentals that sometimes get missed. Organizations are leaving security to the end of their cloud configuration, but if security gets prioritized upfront, it really helps, in the long run, to build secure applications in the cloud” – Troy Gerber
Cybersecurity Hands-on Workshops
Hands-on learning is a great way to expand your skillset. We partnered with Cisco to put on two workshops this past month with Kenna Security and Duo! During the Kenna Katalyst workshop, attendees the best tools to mitigate vulnerabilities based on risk and heard real-world use cases firsthand. During the Duo workshop, attendees learned the importance of Zero Trust and how to overcome challenges to implement and accelerate a Zero Trust adoption.
Key takeaway: Taking action toward Zero Trust can be daunting but adding the right tools to your toolkit can be a good first step. Implementing MFA vulnerability management best practices can help reduce risk.
FBI Fireside Chat
Back by popular demand, we invited Scott Augenbaum, Former FBI Agent to chat with Dave Trader, Field CISO at Presidio, and Paul Calatayud, America’s CSO for Palo Alto Networks. The group discussed what riggers get the attention of the FBI, how individuals and organizations can practice good cyber hygiene in the workplace, and prevention strategies.
Key takeaway: Cybersecurity starts at home and protecting your home network as well. Cyber Fundamentals are key. Getting the mundane done correctly is a gateway to more sophisticated protective measures. The FBI is overwhelmed, but here to help.
Ransomware Mitigation Kit Webinar
An exciting new offering is coming to market with Presidio, CrowdStrike, and AWS. This webinar was led by Dave Trader, Field CISO at Presidio, Jeremy Smolik, Manager, Solutions Architecture at CrowdStrike, and Roman Schwartz, Sr. Partner Development Manager CloudEndure, an AWS company. The three panelists discussed what Ransomware is and how Presidio combines CrowdStrike and CloudEndure solutions to provide the ultimate Ransomware mitigation in case of a ransomware attack.
Key takeaway: The Ransomware Mitigation Kit is managed and implemented by Presidio to take the burden off small or understaffed IT teams when managing their security infrastructure. The partnership brings together front-end threat hunting and eliminating, and backup and disaster recovery on the backend.
“This solution is so powerful it will almost render ransomware useless” – Dave Trader
What better way to understand how ransomware works than with a lockpicking analogy? We took it a step further and sent attendees a lockpicking kit and guided them through this interactive workshop. First though Andy Olson, VP of Engineering, Cybersecurity Solutions at Presidio talked through current market trends, including the evolving threat landscape, talent gap, inverse workforce, and the transition to the cloud. Israel Barak, CISO at Cybereason then talked through the defense lifecycle of continuous preparation, prevention, detection, and mitigation.
Key takeaway: Siloed strategies and tools, strains on talent, and slow response times are creating advantages for attackers. By prioritizing cybersecurity when rolling out new environments and actively managing and monitoring for risks, organizations can greatly decrease the risk and the stress of counteractively placing in security measures.
“Cybercrime is such a lucrative business, that if you compare it to world economies, it would be ranked 3rd. I don’t see it slowing down any time soon” – Andy Olson
We also shared tons of cyber tips on our Twitter! We will be closing out the month with one belated event on November 10th: Cybersecurity Awareness Training, co-lead by our CISO and Field CISO to provide continued education on this important topic.
That’s a wrap! We will leave you with one last quiz to test your Cybersecurity knowledge: Do you spot any risks in the below?