In today’s world, it has become a necessity to keep your data and technical infrastructure secure as you cannot run your business without it.
As technology has advanced through engrained automation to allow for better efficiency and streamlined operations, so did cyber-threats in order to exploit these technological advancements, explains Arie Swart, Cybersecurity Pre-Sales Engineer at Pinnacle ICT.
“Factories have robots running their production lines with minimal human interaction, and with the increased speed at which new innovations are taking place, cyber attackers have been given a whole new surface area filled with new targets.”
When looking for a solution to assist organisations in fighting off cyber-attacks, it is important to find a solution that not only prepares their environment for an inevitable attack but also allows them to take a proactive stance toward security, and this is what Pinnacle aims to do through their cybersecurity range, continues Swart. Based on the 2021 Ransomware Survey Report conducted by Fortinet, ransomware attacks increased by almost 1100% over a 12-month period, leading organisations to pay more attention to their cybersecurity infrastructure. “Between 2020 and 2021, there was a substantial increase in staff working from home and I strongly believe that this affected the spike in cybercrime. Users who were traditionally protected behind their organisation’s safeguards were now open to infiltration as they were at home with just a standard home router between them and their potential attackers.”
Factoring in that the Wi-Fi password strengths of most home users are generally not of the highest standard, working from home left them wide open to attacks. “If we look at this from another perspective, for example – patching, home users would also be less likely to receive critical updates in a timely manner thus leaving them exploitable to new threats for longer periods of time,” says Swart. Lastly, and quite important to note, is factoring in the risk to organisations data that is stored off-site on these endpoints. “With the POPI Act in full force, this should be a major concern for companies. From this point, Endpoint Security has become a must for any organisation.”
According to Swart, in order to ensure your organisations data is fully protected, it is best to utilise a combination of the below practices.
Network Protection:
Firewalls
The first step would be to secure the information entering and exiting an organisations environment, this would be applicable to both WAN and internet traffic.
“Pinnacle offers our resellers Stormshield, which is a French/Canadian firewall that is owned by Airbus. The reason why we chose to go with Stormshield instead of all the usual suspects is that it was built for military-grade protection, and they have a unique focus on the way that they approach network security. They focus not only on traditional IT environments but also on the traditionally vulnerable Operational Technology (OT) environments.”
Segmentation
When organisations have a threat infiltrating their environment, they want to make as little as possible known to them. Organisations can achieve this through Segmentation which would effectively only allow them to see what is in the area that they have breached.
“Guardicore, who were recently acquired by Akamai, offer Micro-Segmentation for their clients that action deep application mapping and policy enforcement, which in essence goes as far as just allowing specific applications to travel a prescribed route and not allowing any deviations.”
Devices:
Endpoints
“Securing your organisations endpoints is highly critical should a threat manage to breach your perimeter security or get introduced internally. To stop breaches at runtime and be sure that you are 100% protected from anything that is introduced into, or tries to infiltrate your environment, you need Comodo in your arsenal of cybersecurity tools.” With Comodo’s unique Auto Containment technology, they render any attack via software, malware, spyware, and ransomware virtually ineffective on your endpoints.
Pinnacle has forged a narrow relationship with Vendors that they believe can solve the cybersecurity concerns of their clients. “We have Pre-Sales engineers certified in these products to ensure we can put our money where our mouths are – so to speak.”
For more information on Pinnacle’s cybersecurity offering, contact cybersecurity@pinnacle.co.za