Cloud Security, Security Staff Acquisition & Development

CyCognito’s CEO on keeping people and endpoints secure

Click for more special coverage

Cloud, macroeconomics and shifts in remote workforces are creating transformative shifts in cybersecurity and spurring new challenges for companies.

CyCognito’s co-founder and CEO Rob Gurzeev spoke to SC Media about these modern challenges facing organizations as part of our October Cybersecurity Awareness Month series.

[A video interview of SC Media's conversation with Rob Gurzeev can be viewed below]

Highlighting a significant shift in the cybersecurity landscape, Gurzeev mentioned, "Decades ago, giants like Google and Apple had one or two applications exposed to the internet. Today, companies host thousands of them."

The real challenge, according to Gurzeev, is the plethora of external exposure points not being adequately monitored or tested. He noted that even some leading banks with significant cybersecurity budgets are only testing a fraction of their exposed web interfaces.

"We've become exponentially better at protecting areas we're aware of," Gurzeev commented. "However, the real risk now lurks in places we either don't know or don't monitor efficiently."

Under the backdrop of Cybersecurity Awareness Month Gurzeev underscore the importance of not only understanding the existing cybersecurity external attack surface, but also preparing for the challenges that lie ahead.

"The concept of 'security by design' is paramount given the vast amounts of personal data residing on company products." Yet, he cautioned that while the idea is highly desirable, its implementation is not widespread. "Legacy organizations and products often find it challenging to integrate new security capabilities," he said.

"Decades ago, major companies had but a few engineers. Today, their ranks swell into the thousands." This has caused an amplification of network complexity, coupled with cloud adoption can easily escalate vulnerabilities exposure for organizations, he said.

For companies looking to bolster their cyber defenses, Gurzeev advised concentrating on three vital metrics, perfectly aligning with CISA's directives: thoroughness of security tests, frequency of these tests and promptness in resolving high-priority risks.

Related

LockBit-leaked DC city agency data from third party

Washington, D.C.'s Department of Insurance, Securities and Banking has disclosed that 800GB of data claimed to have been stolen by the LockBit ransomware operation was obtained from an attack against third-party software provider Tyler Technologies following the ransomware gang's threats to expose 1GB of the exfiltrated data to coerce the agency into providing the demanded ransom, reports The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.