Wirelive: Episode #13

'The Cyber Threats of Modern Workplace.'

Show Notes:

Colonial Pipeline boss confirms $4.4m ransom payment - BBC News

JBS Cyber Hack: Meat Supplier Shuts Down Some Slaughterhouses After Attack - Bloomberg

Pax8 | Empowering the Modern Partner

Cloud MSP Providers | First Solution

Overview of the Business Productivity Online Suite (a.k.a., BPOS) from Microsoft Online Services - New Signature

What is a Modern Workplace? It’s a term used… (modernworkplacealliance.com)

The rising strategic risks of cyberattacks.pdf (mckinsey.com)

Biden Proposes Billions for Cybersecurity After Wave of Attacks - Bloomberg

 

Transcription:

Robert Belgrave

Right. Okay. Hello, everybody. Welcome to Wirelive Episode 14. Thanks for joining us. Today we're going to be talking all things cybersecurity and specifically in the context of the threats to the modern workplace. I'm joined today by an amazing guest, Mr. Dominic Kirby, Dom, as I'll affectionately refer to him for the rest of the interview. And it's been a really interesting month in the world of cybersecurity, you know, the promise of the cloud has always been huge advantages that helped make businesses more efficient, more effective, reduce cost of infrastructure, more flexibility. But security has often been the big challenge. And I think particularly in the context of modern workplace, it's been an area that's caused a lot of concern over the years and as one of the one of the big blockers for many years, which has started to fade away. But against that backdrop, you know, Dom and myself and others in the industry have been cautioning everybody, for some time, that security really isn't being taken as seriously as it needs to be. And you can definitely protect yourself against the threats that exist. But failure to failure to plan and implement an appropriate strategy has has caused some quite interesting fallout. And there's been two very public incidents in the last month that we'll come to, with the Colonial Pipeline in the US and more recently, the JBS meat distribution business globally as well. But before we dive into that, let's meet Dom. Dom, say hello, introduce yourself to our fantastic listeners and tell us a bit about you.

 

Dom Kirby

Yeah, awesome. Thanks, Rob. Well, good morning, and good afternoon. I'm Dom Kirby, I am coming to you from Denver, Colorado, from Pax8 here in the US. My role at Pax8 is manager of cloud solutions, which really means I wear a lot of hats, but primarily I lead our modern workplace team and professional services. My background, I started a managed service provider right after I left our military here, ran that for five years. My MSP was extremely focused on modern workplace, and also extremely focused on sensitive, typically compliant customers in the financial and legal industries. So I have a lot of experience securing cloud-first, cloud-native environments. And then I came to Pax8 out of a desire to sort of move up channel and help take the modern workplace and expand it to more SMBs.

 

Robert Belgrave

Fantastic. So you know, you've you've been kind of in and around this sector since before people were calling it modern workplace, I suppose. That seems like a kind of, it's kind of caught on in the last few years as a way to articulate the change. And how do you, you know, from your perch, initially on the MSP side, and now working in support of MSPs really with us at Pax8, how, how have you seen it transition in terms of businesses thinking with modern workplace, do you think? Do you think businesses are more open minded about it now than maybe they were 8, 10 years ago? What's your perspective?

 

Dom Kirby

Yeah, absolutely feel like a cloud in general, and how far it's come in, in a decade, or even six or seven years. It's it's night and day, right? If you remember, Microsoft's first attempt at this was BPOS, Business Productivity Online Suite. And it was this horrible hosted Exchange thing. And it was just like everyone else's Torvalds Exchange thing, we've come so far, where we can really adopt platforms in a meaningful way. And I think between the advance of technology, and just the overall need for workplaces to be more nimble and more flexible, has really put the whole concept of modern workplace in the spotlight. Whereas, you know, six, seven years ago, it was, you know, you come to the office, you know, nine to five, or whatever your hours are, and you go home, and you kind of forget about it, working at the coffee shop, or being in the field is now a very common thing, in just about any industry. So you really need that flexibility. And to do it at scale, cloud is really the best way.

 

Robert Belgrave

Yeah, totally agree. And I think I hesitate and realize we should just take one step back before we take two forward and just define what modern workplace is in this context, because we're so fluent in this world, you know, to us, it's it's readily normal vernacular. And I mean, Dom, you know, this is your world every day. So I'll allow, I'll give you the the opportunity to define it for us. How, how would you define what what is modern workplace in this context?

 

Dom Kirby

Yeah, so it's definitely not like a hard definition. It's not a certain set of technologies. It's, it's really more of a concept, right? And all it means is that I'm taking whatever infrastructure IT services I have today, and I'm modernizing them. And I'm usually modernizing them in a way that does involve some form of cloud platform. And really, the goal is to modernize things in a way that I can have a more nimble team, a more agile team. I can use more advanced security tools in my tool set, I can use more advanced productivity tools in my tool set and really deliver a seamless experience pretty much regardless of where my team is actually working.

 

Robert Belgrave

So, so in a way, I suppose what we're saying is, it's a way of articulating the evolution of IT, right? And then the associated technology that supports a business. I mean, my perspective is that there is no longer such a thing as a business that is not a technology business. I think every business is now technology enabled in some shape or form. And so, you know, that the, I think, for me, modern workplace is like, the articulation of the evolution of what that underpinning technology looks like that supports a business. Is that consistent with the way you think about it?

 

Dom Kirby

Yeah, absolutely. It's a it's a gigantic step forward. Similar to you know, how server client networking was a gigantic step forward.

 

Robert Belgrave

Yeah, absolutely. Cool. Okay. So, now everybody knows what what a workplace is, or at least knows what we think it is, which is a great start, if they're going to listen to us for 45 minutes. And so let's talk about the big security question. Because I think that, you know, there are a number of other modern workplace considerations, which we'll maybe we'll touch on briefly. But I think, you know, if you think about what came before the cloud, and before modern workplace, businesses had technology solutions that, I mean, generally lived on site, at their head office location, or certainly within buildings that they owned and controlled. And, you know, they could touch their data, literally, it was there in a rack on a hard disk, they could see it, they could control access to it by hiring a security guard and buying a lock for the door, right, it was a very different time. And if you go far enough back, then most of most internal systems weren't even necessarily internet connected. So there were very few attack vectors to access this stuff. And, you know, obviously, the flip side is they were therefore much less flexible, much less agile. And so there's that interesting trade off, isn't there, as we move into this cloud enabled world and, and put everything in a kind of internet connected context, we therefore also open it up for attack and intrusion. How do you think about security in this context? What, where do you start when you're having that conversation with customers?

 

Dom Kirby

Yeah, I think the first thing to security in any environment is knowing what you have. Right? There's a lot of businesses out there that don't understand what sort of data they're holding on to, where that data lives, who controls it. So that's really step one to do any sort of security program. But really, I think, if you look at traditional infrastructure, and I tend to call it a walled garden, because we use a firewall, and we build a wall around all that, right, and we can protect it in some form or fashion, we transition to cloud and there is no wall, right? We're logging into it from wherever we want on whatever we want, given whatever security controls we put in place. So you have to pivot your mindset from understanding that securing the metal and the servers and the data centers is all taken care of, you know, obviously, you know, in our case, it's usually taken care of by Microsoft, who spends a billion dollars a year on this, right, so they've got that covered, it's really on you to understand how your users interact with your systems and the data in there, so that you can make smart decisions around how to secure it. And that that's, you know, that's done through a number of technologies that you really have to think out how to implement, but Microsoft has this model, they like to call the three legged stool, and I'm a big fan, and the three pillars on it are identity management, device health, and data and telemetry. So you need to understand who's accessing your data, what's accessing your data, and what they're doing. If you can understand those three things and control it, that's really a good foundation to build on.

 

Robert Belgrave

Absolutely. And would you, you know, let's say one of our listeners today is, you know, maybe perhaps in a position where they are using a more traditional technology infrastructure to underpin their business is, you know, where, where would you encourage somebody to start when it comes to a modern workplace journey? Do you think you can just kind of attack it without much strategic thinking? And you'll probably be okay and solve security later? Or do you think this is something that really should be involved at the beginning?

 

Dom Kirby

No, I think, you know, the events of last... heck, I think all of 2021, we've really seen a rough year in cybersecurity. And it highlights you have to be a security first culture in everything you do, from, you know, the receptionist or your frontline workers all the way up to the C suite. You've got to have a security first mindset. So if you're going to strategize your digital transformation, and you're really going to think about modern, you've got to think about it from from doing your migrations and your changes with the least amount of impact to your people possible, because you want them to have a great experience still. But you've also got to build out what your security program is going to be first so that as you're moving your sensitive data, there's no gap in protection, right, you're moving it from one secure environment to another secure environment. Because what will happen is in that short window, we saw this with Colonial, that's when you'll get hit. So you've really got to think these things out very carefully, and be methodical when you're doing big changes like this.

 

Robert Belgrave

Yeah, and and let's, I mean, you mentioned Colonial and I think it's, it's very topical. So let's talk a bit about what went down for people that aren't aware. So the Colonial Pipeline is a critical petroleum pipeline, fuel pipeline in the US, which I believe runs predominantly on the eastern side of the States. And maybe you'll correct me if I'm wrong there. But and, you know, this, this is the way in which gasoline for, you know, for automotive use and other applications is distributed across a very large area. And, and due to a cyber attack, the whole pipeline was brought down, right, it was completely halted for what I think was like a week or something and caused significant disruption. And can you add any color? Do you know any more about what what went on?

 

Dom Kirby

Yeah, I think we're finally starting to unpack that. They, they had Exchange on-prem. And unfortunately, it's looking like they didn't patch for the ProxyLogon incident that came out, I believe, a couple months ago now it's been. You know, that that's a super simple to execute remote code execution vulnerability in Exchange. Unfortunately, doesn't seem like it was patched. That's not known for sure yet. But all signs point that way. And essentially, they got in there. And they used that to pivot across the network and deploy ransomware. I don't think the SCADA systems themselves were impacted, which is good. That's that's a solid sign that there was hopefully some air gapping going on. But I think it was safety and monitoring systems that were impacted. It's no longer safe for them to push things like jet fuel, you know, across the entire eastern seaboard. And, you know, the trickle down effect of that, here in the States, was massive, it was daily headline news until it was resolved, and now the investigation is daily headline news. Because obviously, if gas is not flowing, you know, we all drive cars, it was a very big problem. And it also pushed jet fuel. So airlines were running low on fuel, and airports. So it was a very tough situation. And one of the first very high profile impacts to public infrastructure we've seen from cyber that that really hit hard.

 

Robert Belgrave

And, and I think what's interesting is that, arguably, the Colonial Pipeline was not really running on modern workplace practice, right? They're still using on-prem Exchange. And I think, actually, this is often one of the sundry benefits that I think people miss when they're thinking about a cloud operating model is that Microsoft probably do a better job of keeping their email service patched than you will. Right. Absolutely. And, and so actually, they're, you know, this is, I think one of the reasons why Software as a Service has proliferated is because you remove the maintenance and administration burden. Now, of course, you are also ceding control, and right, potentially being part of them, of a much more juicy target as a result of that. So you're putting a lot of trust in organizations like Microsoft, when you when you elect to use them, the history tells us that, on the whole, that is a better security posture than relying upon your own internal IT department, unfortunately. And, you know, what's your perspective on that? Do you think do you think it stacks up, the kind of security in the cloud because of that, you know, scale that you can take advantage of?

 

Dom Kirby

Yeah, I mean, it's like a pooled investment, right? We all we all buy into this program that is, you know, Microsoft 365, for example, it could be Google Workspace or what have you. And as a part of that, we have the understanding that part of that revenue is going towards securing that environment. And it's through no fault of really any IT team most of the time, like, I think missing a critical patch isn't great, but most of the time it's through no fault of the IT team. Mature security operation is a very complicated machine. Right? Microsoft has security operations centers all around the world that operate 24/7, they have some of the best threat hunters in the world that work for them, which is why they're so good at this, they can invest from our pool of investment, they can invest over a billion dollars a year in that security team and infrastructure. So that's really the big difference, right? We're taking our small security program, we're integrating it with one of the largest in the world. And that pooled intelligence that Microsoft has is something we can never hope to attain, right? It's something like six, the belief is 6 billion signals a day that they get from Defender alone on threat intelligence. So combine that with everything else they do. They just kind of know what's going on more than we could ever hope to.

 

Robert Belgrave

Yeah, and I think sometimes that scale is, is such a strength, right. And it's like we're, as we move into this future of artificial intelligence systems, which really means systems that have machine learning built into them. And, you know, machine learning, the fuel that powers machine learning is data, the larger the data set, the more accurate the system can be. And so, you know, if you take something like automated threat detection, clearly, an organization the scale, with a product the size of Microsoft's proposition in 365, is gonna have considerably more accurate and effective threat detection than any private company can ever hope to have. And so if you're going to outsource the threat detection component, you might as well outsource the execution as well, is my view. And so, right, it sort of stacks up, but but it's interesting, because it does seem to me, like I remember, five, six years ago, or maybe a little bit further back, you know, it was all these events, we were used to write about demystifying the cloud, and what is the cloud, and it was all about, like getting people just comfortable with the idea that their data might live somewhere else that they didn't follow on systems they didn't ultimately own. Right? And it's, and it sort of seems like, we got past that. And, and, you know, it got to the point where governments were doing deals with Microsoft and Amazon and starting to sign up to these cloud platforms. And SaaS has really taken over in a big way. But I personally don't feel like security kept up with that. And would you agree, do you think it kind of got left behind a little bit in that conversation?

 

Dom Kirby

In some ways? Absolutely. I think the perception is that it was left behind, right. And I think we we weren't doing a very good job talking about how security works. And the reason you're seeing governments and agencies and things like that buy into cloud is because there's these these private public partnerships. And we've built very comprehensive frameworks for what a truly secure multi-tenant cloud looks like, right? In the US, we call it FedRAMP. And there's, there's versions of it all over the world. And they have to check all these boxes, and then get audited for it to make sure that they're building infrastructure in a way that's safe. But all that gets lost, right? It's a lot of dotting T's and crossing I's and things that small businesses in particular, but really any private sector business, doesn't understand, it doesn't want to. So we have to have the conversation in a more sort of friendly, sugar coated way, about what really it means when we say Microsoft is doing a lot to secure that infrastructure. But we also have to have a conversation around what you need to do. What's your piece of the puzzle to secure that? And that's, that's a big conversation that's missing. And that's why we see, you know, millions of user records leaked from an unprotected S3 bucket, right? That's a misconfiguration. That's not on Amazon. That's a misconfiguration.

 

Robert Belgrave

Yeah, and, and, and, you know, I think Amazon is perhaps more guilty of this than Microsoft. But it's kind of true in both cases, which is, they're like, look, we've got an amazing shed full of power tools, if you cut your arm off with one of them, that's on you. Right, exactly. And S3 is a great example of that, you know, incredibly powerful toolset but pretty easy to put a record in on it in a way that makes it public and fairly difficult to revoke without understanding what you're doing. And, you know, we've seen that, I mean, that is like the story that it feels like, it's as old as time now is allowed to pass data into an S3 bucket or something. But so and it's interesting, you know, some of the research from McKinsey suggests that about 45% of online cyber attacks target small businesses, which I guess, aligns with that, right, that small businesses tend to be maybe an easier target, typically, than larger organizations that perhaps have got more resources to put into, you know, the security question. And so, you know, you talked about the three legged stool model. And I think that's, you know, that's really interesting. If you were helping set a strategy with somebody, you know, in going through that kind of cloud journey with what other tools are there out there that you really like you really re because obviously, 365 is often the kind of centerpiece of the puzzle. But you know, as we've seen with with Pax8, we see a lot of demand for the other pieces around the side. Maybe you could touch on a few of those and how you sort of would fit them together for somebody.

 

Dom Kirby

Yeah, absolutely. So my starting spot is always Business Premium, M365 Business Premium, and I'm going to use Endpoint Manager to manage your endpoints. I'm going to use Azure to manage your identities. And I'm going to put all that together first. The biggest thing, particularly in the channel, is we're probably managing tens, if not hundreds of customers, right? Yeah. So we need to be able to see all of that at a glance. And that's why these other tools are so great, because I think if you look at almost anything on the Pax8 line card in particular, there's probably a Microsoft equivalent, right? But if I implement SentinelOne, and let's say I deploy that through Endpoint Manager, I have a single dashboard where I can see every endpoint I'm protecting, I can understand what's going on there. So I'm a huge, huge fan of SentinelOne and their advanced detection suite. Bitdefender is also another great choice. But I want to make sure I address that endpoint. And I also want to make sure I address the most common vector for drive-by attacks and ransomware, which is email, right? It's convincing email, I get emails from John Street, like three times a week, you know, someone pretending to be him. So putting some sort of email gateway on the outside, again, that we can see all of our customers' environments from a heads up view. So I'm a big fan of Proofpoint in that category and IronScales to protect against those phishing attacks. And it's all about defense in depth, right. So whenever I'm thinking about a tool, I need to know where it fits in my puzzle for defense in depth and make sure that it contributes. And I need to make sure it works in my ecosystem, right? Can I report on the status of that endpoint in Endpoint Manager and make a decision in Active Directory if I'm going to let it in if it's unhealthy, right, so I want to, I want a multi vendor security solution. But I want them to talk to each other. And let each other know what's going on. So that I can make really automated smart decisions about what I'm going to allow to happen in my environment. So my sort of standard stack would be Business Premium, SentinelOne, Proofpoint, IronScales. And then for backup, I'm personally a fan of Dropsuite.

 

Robert Belgrave

Cool. Okay. Yeah. And it's, it's interesting, now even within our own product mix that we've elected to offer, there are, you know, three or four tools that solve a very similar problem, right, in slightly different ways. And then, you know, some people like to keep it all within the Microsoft family, as you say, and others really find value in the advanced capability that some of these other tools offer. And but it's interesting how you talked a lot about visibility in your assessment there, about how ultimately having that sort of single pane of glass view of what's going on across your organization in your estate, or as an MSP across all of your customers' estates, right, in that context is, is very, very valuable. And I think, you know, my observation in my entire life, I suppose, as a lover of tech, and certainly in my career, as a technologist is that if things are difficult, they get forgotten. And I think, you know, this does come back to the Colonial example, why didn't that patch get applied? Well, I'm gonna hazard a guess that's because nobody knew it needed to be, you know, yep. If there was an easy way, every morning, of someone in that team seeing a huge banner that said, Dude, you need to patch this thing now, it's urgent, in plain English, I'm sure somebody would have done it. Right. So I always think, like, the, the skill in execution of these things is making them easy and accessible for people. And so that things don't get forgotten, because it's, it's, it's often not, you know, willful blindness. It's, you know, it's not necessarily negligence, although maybe in setting up the system in the first place. But without that without those things in place, but you know what I mean, right, like, it's right. Would you agree with that, from what you've seen across your career?

 

Dom Kirby

Yeah, I think if you're going to be a security practitioner, you've got to spend time to sort of get yourself in the mix, right? Like, I get an amazing amount of like security intelligence from Twitter, and just following security folks on Twitter, right? But and understanding where to go to look for Microsoft security advisories, or, you know, Palo Alto, or whatever vendors you're using, understand where to go to get those security advisories and figure out the best way for you to consume them, so that you can be in the know. And that's the that's a big challenge, right? There's a lot, I would imagine someone like Colonial's running these crazy SCADA platforms that were probably written 20 years ago, who knows that company exists, right? We see a lot of that in this space. So it's really hard to keep on top of these things. And that's where automation comes in. Right? That's where we can leverage tools and automate that busy work, that would that would know, hey, this is this patch, you should probably do that. And I can click a button and say, Yeah, go ahead and do that. And it's just going to do it for me. Right, the more I can automate, the more human error I remove from the equation.

 

Robert Belgrave

Yeah, absolutely. And, and, you know, again, another, I suppose another nod to the why cloud is as an operating model is the right answer is because the availability issues, or downtime in plain English, that used to come with updates are often resolved, you know, in an automatically by the vendors in question, they all wear a roll, you know, low band systems, more multinode whatever, you know, however it's structured behind the scenes, frankly, it's none of your concern and it shouldn't need to be, because they will solve it for you. As far as you're concerned, your users will continue to have access to the system that you're paying them for. And behind the scenes, they'll be rolling those updates through. And, you know, to people like me that used to spend hours and hours and hours architecting, as a solution architect, how those things could be done. Right? I assure you all, it's really complicated. But I also love that people today just don't really care. I don't need to care a lot of the time about that stuff. So you know, I suppose I'm, I'm reminiscing a little bit on how far it's come. And it's great to see how easy it has got to solve a lot of kind of low hanging fruit, I guess, that used to be very challenging, like the dreaded Patch Tuesday in the Microsoft world when you were running your own infrastructure. And so, so let's look to the future a little bit. And, you know, where, what's the direction of travel here? You know, do you think so? Obviously, the the Biden administration this week, you know, perhaps off the back of the Colonial issue and the JBS meatpacking issue, have reprioritized the way in which cybersecurity attacks are classified to rate them alongside, you know, terrorist attacks with explosives or other more traditional means. I think that sets sets a tone perhaps for the future, personally. What's your perspective on this? Where do you think, you know, in the context of modern workplace, particularly, there's wet? How do you think this evolves from here over the coming years?

 

Dom Kirby

Yeah, so I think overall, I've been asking myself the question, I'm sure you have to have, like, when is enough gonna be enough, that, that we're gonna start caring about this in a more holistic way, right. And I hope we're getting to that point, right? Because we're really showing that nobody's immune, right, we've cut off fuel to the eastern seaboard, we've cut off meat to two continents. These are big attacks, and hospitals have been getting attacked. You know, if the hospital's EMR isn't working, they're not serving patients. That's just kind of how it goes down. So I think we're hopefully going to finally start to see that, hey, we really need to pay attention to this, we need to put the security guys on the front stage, and let them do their work. And that really flows right through to modern workplace, right, because now we have to re-strategize if we're going to transform, which I definitely see happening. And I think COVID-19 proved the need for that. And it's obviously accelerated it by a factor, I think 12 is what Microsoft says, we now have to rethink how we do security. So we have to make that investment in people or partners that can help us secure that environment. And my hope is that the direction we head is, anytime we do a change like this, the first question we ask ourselves is, how do we secure it when we're there? And if we keep doing that, all of these super simple, maybe not super simple, they're not all super simple. But some of these low hanging fruit attacks, like drive-by email ransomware, are just going to disappear, right, or be greatly reduced. And the closer we can get to that, less likely does this whole criminal empire that's been built around ransomware is to grow. And that's really what we need to stop. Are these things like ransomware that are easy attacks. You know, we're never going to stop nation states that are using APT groups to show right. Yeah, but but these low hanging attacks, where I can go to an SMB, make a quick, you know, 5, 10k, call it good, move on to the next. Well, now I'm doing that at scale. So these organizations are making 15, 20 million dollars a month, because they'll do 1000 attacks at once. 400 of them succeed at 10k a pop, you know, it's just not hard to make money as a cyber criminal right now. And that's what we need to reverse.

 

Robert Belgrave

Yeah, Sam? It's kind of I yeah, it's like, sort of mind bending, isn't it? When you do the maths on it, and you work out what the yield is on some of these, some of these attacks, I mean, and so much of it is automated. I mean, I you know, I think you make such a good point there, like, solving for like the social engineering nation state, you know, sophisticated zero exploit stuff is a different conversation. Right? What we're really talking about is the fairly mundane, relatively easy to protect against automated stuff, which still is remarkably effective out there. I mean, like, but it's funny. I mean, probably the most sophisticated manual attack I've ever seen was actually carried out against us at Wirehive. And so our domain is wirehive.com, right. And so we had this was a few years ago now. We had a very crude individual who obviously had time on their hands. He was going after what appeared to be specific opportunities rather than an automated attack. They figured out if they registered a domain, which was two Vs, so v-v-i-r-e-hive, it looks almost like a W, right? So this person figured that out, which is quite like evolved, went and bought the domain, set up a properly verified email system, cloned our signature and then sent our accounts team a load of payment instructions from me right as the CEO saying, hey, I need to pay today like, kind of that classic like scam because the domain looked right. And it was a properly set up email system with SPF records and everything else. It, you know, thankfully, our team are, we're very technically, technically led business. And so our accounts are pretty technical. And one of the but it was, but it was good enough that it caused the guy to ring me up and say, I've got this email from you. I'm not, you don't normally send emails like this. So I'm not sure this is right. But But actually, what he didn't say was, I'm sure this is a scam. Right? And right. And so, you know, it's amazing how far some people will go. 
And I think those types of attacks are few and far between ultimately, and God knows why they're coming after us. I mean, we're not a particularly juicy target, if you're watching. But, but you know, I think I think the automated stuff is so effective still. And that's the thing that I really hope, you know, the likes of Pax8. And our partners can can help resolve, particularly for smaller businesses. And so, okay, so we fast forward, then the automated attacks are gone. You know, the security takes takes place alongside other areas of technology as a kind of first class citizen. You know, do you think that eventually becomes so integrated and automated that it falls away, again, a little bit as a sort of dedicated role? Or do you think actually, the future is every business has a CIO on their board? And like, it just becomes like an absolutely critical role in all businesses? How do you think it goes? Where are we in 10 years with security roles and businesses? Yeah,

 

Dom Kirby

It'll be interesting, I think, 10 years, we're still at a point where there's a lot of sectors not taking us seriously, just seeing the speed and the reaction of "didn't happen to me, so it won't", it's gonna take a while to break that mindset. But I would love to see where you know, you either have a CISO, and a security expert on staff or you've you've outsourced that, right, you have an MSP or something to that effect that has that expertise. The majority of cybersecurity is an operational mindset and a tactical mindset, and knowing where to put the tools and how to use them, making sure you're educating the people that use the tools so that they can protect themselves, all of these things sort of come into play. And they always will, right, security is like cops and robbers, right? It's a constant cat and mouse game of, there's a, there's a better cybercriminal out there. So now we need a better security practitioner. So that'll never end. Right. It'll always be a need, and we'll stop these low hanging fruit attacks. And they'll come up with the next best thing. You know, who knows, maybe they find a way to inject messages into your Slack or, you know, something like that. There'll be some weird vulnerability, and we'll be back having these conversations again. So I don't think it'll ever end or stop sort of revolving.

 

Robert Belgrave

Yeah, no doubt cat and mouse is a really good way of articulating it. And, you know, ultimately, technology is created by humans, and we're fallible, so right, I told him that, and my experience of computer generated systems is that pretty fallible too for all kinds of different reasons. So yeah, you know, it's an endless game, I suppose, in that in that way, and where there is reward, ultimately, people will try and exploit it and exactly for commercial gain or otherwise. And so, Dom, this has been great. I think, you know, we've covered we've covered the security topic in good detail, and hopefully given our, our listeners a bit of context on our view of modern workplace and, and how, you know, clearly is the right answer for everybody now, from government through to small businesses, to enable effective remote working, more flexibility, you know, the pandemic has, has, I think, really driven this evolution a little more quickly than it would have otherwise happened. And, and so many people have really woken up to its value now. And but you know, we, we've, we've covered why security should be a consideration. And, you know, make sure you lean on your internal technology team, your MSP partner, and your vendors, really, in terms of the software that you're you're you're selecting, to make sure that their security practices are effective, and that the products that you're using are going to cover your needs. Is there anything else in there, Dom, that we've not covered? Is there anything you'd add any other sort of interesting additions on from that in the modern workplace lens?

 

Dom Kirby

Well, two things I think we have a question in the chat, but I I would say you have to keep researching this, right? If you decide that you want to practice security or you want to, you want to find someone that practices security, make sure they're constantly learning. You know, it's it's a constant cat and mouse game and threat landscape changes. You know, we often say day by day, it's more like hour by hour, right? There's there's a new ransomware strain out that can evade detection this way. There's a new zero day out that you got to get patched. So you've really got to constantly be learning, making sure you're getting the right feeds for the technology you're working with to really understand what actions you need to be taking every day to be a good security practitioner. Yeah, just a question for Matt. Yeah,

 

Robert Belgrave

Let's go to the question. So. So Matt kindly asks us with modern workplace and BYOD, which is bring your own device for those not familiar coming together? You know, what is the consensus on securing the device? And he goes on to say, assuming all security is in place on cloud portals, such as MFA, etc. He's sort of asking, do all of the, you know, various component parts of cloud security products have support for BYOD? Or is there still a sort of an expectation that you're managing the devices centrally? What's your perspective on this movement?

 

Dom Kirby

Yeah, there's a, there's a couple different answers there. It really depends on the organization. I'm a big fan of securing all devices that are accessing corporate data. But there's different ways to go about that. So with Endpoint Manager, I can manage like a personal phone in such a way that I only manage the work data, I can't touch your personal data, I can't wipe your personal data, I can really just make sure your phone has a pin, make sure it's up to date, and make sure that my company's data is encrypted. So I'm going to take that approach on personal mobile devices. As far as aggressiveness on workstations, I think right now, for me, at least, we're still at a phase where I'd like to see corporate workstations be the norm because I get full control of that. I know exactly everything that's configured on that at all times. And there's just, if you think about Windows or Mac, there's a million and one more things you got to think about security wise than iOS or Android. So it's a different sort of landscape. But there's definitely organizations, we have a partner here in the US called Iconic IT and they've implemented this internally, in any device, you can join your personal device if you want, but it's going to get their EPP installed and their EDR installed. So it really depends on how aggressive you need to be with that organization. I would say most of my customers that were somewhat compliance related, whether it be financial or legal, or medical, in some cases, only company devices were allowed on. And that's just it is what it was. And then you could take your personal phone and get your email on it so long as you enrolled it, because you need control of that device. So you can make sure you can protect that data, no matter where it resides.

 

Robert Belgrave

Yes, good advice. And I think as you say, it's those trends seem to be fairly sector specific in terms of the nature of the data that perhaps exists within those companies. But ultimately, I suppose the summary is that the tools and systems exist now to give organizations a lot of flexibility about how they want to accommodate a Bring Your Own Device strategy. And, and so there is a, you know, there's something out there for you, if you're out there thinking about rolling it out. Again, speak to an expert plan before you act before you implement but and that, you know, those tools and systems are do have what you would require for a kind of graded scale of compliance, I guess, on user end devices. Yep, absolutely. Great stuff. Okay. And well done. I think it's been a really riveting conversation on security. I do slightly wonder what will have been compromised or blown up by a cybersecurity attack next time we talk, right? At some point in the future. This month, it was fuel pipelines and meat distribution. You know, who knows what it'll be next. Hopefully, nothing too impactful. Any final thoughts? Anything else you'd like to add?

 

Dom Kirby

I think I'm going on my side. But thanks for having me. This was this was a blast. And I hope we do it again soon.

 

Robert Belgrave

Yeah, me too. And, and to our listeners out there, if if you have any follow up questions, if you just need some help thinking about security practice, we're always happy to steer in the right direction, whether that's working with us or or perhaps introducing you to one of our many partners who specialize in in security practices for businesses of all shapes and sizes. So yeah, thank you so much for watching. I was Rob. This was Dom from Pax8 over in Denver, who's now going to have a lovely Friday as I knock off for the day. And yeah, thanks for watching or listening, whether you're with us live or you're listening back later, and I'll see you next time for Episode 15. Thanks a lot.