Menu
“I’ve never seen cybercrime as bad as it is right now,” Theresa Payton said at Tuesday’s CompTIA ChannelCon event.
COMPTIA CHANNELCON — Cybercrime is going nowhere. In fact, it will only rise in frequency and damage — the latter to the tune of $10.5 trillion each year by 2025, according to Cybersecurity Ventures. Small and medium businesses, notorious for not wanting to spend on cybersecurity, remain in perhaps the most vulnerable position to breaches. A lax approach can lead to a tarnished reputation, unhappy employees, or to going out of business altogether. Now is the time, says Theresa Payton, to help SMB customers build stronger cyber protections that combat cybercrime.
Payton, president and CEO of Fortalice Solutions, and co-founder of Dark Cubed, was the keynote speaker at Tuesday’s annual ChannelCon event, presented by CompTIA, held virtually this year. (Payton, as you may know, also worked as the first female White House CIO during the George W. Bush Administration.)
As Payton noted, SMBs remain reluctant to spend on cybersecurity because that money takes away from outlay on critical efforts such as R&D. But managed service providers, VARs, consultants, agents and other channel partners must find ways to combat this mindset. After all, in 2021, ransomware alone will hit a business every 11 seconds for a total of 31.5 million attacks (numbers from Cybersecurity Ventures again).
Payton said the big key is focusing on human-centered design. In other words, come up with strategies to entice people into participating in security. Maybe the answer is chocolate. Maybe it’s gift cards. Whatever it is, it must reach your clients’ employees and resonate with them. Consider that email stands out as the No. 1 method cybercriminals use to hack into a business. Consider, too, that someone who wants to get into hacking only has to pay $1 in startup fees, Payton said. (That stat comes from 2019 Cisco/Cybersecurity Ventures report.) SMBs should be on high alert.
Fortalice Solutions’ Theresa Payton
“I’ve never seen cybercrime as bad as it is right now,” Payton said. However, she added, she has “a lot of optimism” that industry – vendors, partners, researchers, etc. – will close the gap.
One method for thwarting cybercrime lies in making data harder for hackers to access. This is not a new concept, but it bears repeating. To that end, Payton first suggests segmenting data. SMBs could have non-public-facing website domains that house certain information, for instance. They could also keep different pieces of data in different clouds or containers. (Speaking of clouds, no, the vendors themselves do not deliver all the security end users need. This is where the channel comes into play.)
Second, implement airtight identity and access controls.
“Zero trust should be no trust,” Payton said.
Also, help customers to know when they should go offline. Payton called this the “kill switch/shields-up” moment.
Next, conduct threat hunting on your clients’ behalf. Scan traffic, enter email addresses into LeakPeek and take on other security-centric activities that uncover any surveillance someone may have put on your customers.
Finally, talk with SMBs about the sneaky tactics cybercriminals use to infiltrate businesses. Those include clickbait; fake personas, companies and ads; chatbots disguised as humans; and deep fakes and artificial intelligence. Each of these methods can lure in even a seasoned pro. But designing for the human and implementing Payton’s other recommendations should go a long way toward preventing problems.
In terms of what’s coming next, Payton put forth no Pollyanna-esque predictions. By the end of 2022, she expects extended reality (augmented, virtual) will be hacked, even biometrically. This stands to compromise a victim’s entire life. Again, microsegment data, Payton said. No one can fully prevent attacks but it is possible to make things harder for hackers.
Payton further forecasts criminals will successfully hack into a bank. They will then set up AI chatbots on social media that create concern and urgency among the public. In a rush to talk to humans, people will …
Session expired
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.