Uncategorized

Chris Hagerman: “There is a well crowded market for the buying and selling of cyberattacks” | Technique


Today, cyber security is one of the main concerns of managers of companies and public institutions. The level of threats has increased, and cybercriminals are becoming more and more professional. According to a study by the British company Sophos, one of the largest cyber security companies in the world, there are gangs that have human resources departments, payroll departments, and even physical offices. The FBI cracked one last week in collaboration with various international police forces, including the Spanish National Police.

Born in California 58 years ago, Chris Hagerman has been at the helm of Sophos for eleven years. The executive believes that the advent of remote work as a result of the pandemic or the war in Ukraine did not cause cybercriminals to increase their activity: “That was the trend we were really seeing,” he explains.

Question. How would you describe the cyber security industry?

Reply. It is one of the largest and fastest growing markets. It moves around $100,000 million annually and is growing between 10% and 12% annually. It is the first priority for corporate IT administrators, be it large multinational corporations or small businesses. This is because cyber attacks have been increasing year by year in their pace and sophistication over a period of two decades. Moreover, these attacks are commercialized more quickly.

s. He says that the number of attacks is increasing every year. Is this because there are more cybercriminals or because they are becoming more sophisticated?

R was found. Both happen. More and more sophisticated and advanced zero-day threats are being created [zero day attack en la jerga]. A zero-day threat is a vulnerability identified in a system that no one else knows about, not even the developer of the system in question. Finding them is very complex, and it can take months or years to identify and develop them. Well, more and more appear. On the other hand, we see that there is a well crowded market for the buying and selling of cyberattacks. So, for example, there is something called raw access proxies (Primary Access Brokers). And they only do one thing: they find a way to hack into a specific network and then sell that information or an access key. So now I can become a cybercriminal without knowing anything about programming. First, I pay an initial access proxy to be able to break into the network. And then I can turn to the companies that provide ransomware [una modalidad de ataque informático que encripta el sistema y pide un rescate para liberarlo] as a subscription and have them set up a specific subscription for my purpose. After that, all that remains is to sit back and wait for the money to arrive.

See also  The FBI "infiltrates" and dismantles a vast network of cyber extortion on the dark web | Technique
Hagerman has been at the helm of the British multinational for the past 11 years.
Hagerman has been at the helm of the British multinational for the past 11 years.John Barbosa

s. How can companies defend themselves against all this?

R was found. First and foremost, they need to think of cybersecurity as having three components: protection, detection, and response. If you have a home, you don’t want to leave the doors wide open, you want them locked. That’s fine, but if you want more protection, you’ll need a security system with video cameras capable of detecting if someone has entered. And you want to have the ability to respond to get them out of there. These three components are essential to building a cyber security strategy. We also recommend to our customers to focus on getting the essentials right. There is no point in adding a motion detector to my home if I leave the door open.

s. To what extent does cybersecurity use artificial intelligence?

R was found. All of our products generate information that fills a single large data lake in the cloud. We use artificial intelligence and machine learning to work with all that information. This helps us detect anomalies much faster than a human can. On the other hand, for some time now we have been able to offer cybersecurity as a service, that is, remotely and for a monthly subscription. For us, this is one of the most interesting developments of the last decade in terms of cyber security, because it is easy to manage and implement and allows us to deliver results at a lower price.

s. Does the emergence of remote work pose new problems for companies in terms of cybersecurity?

R was found. We’re doing more and more online, creating more data and having more connected devices. This increases the space for cybercriminals. What that means for organizations is that they have to secure all of these devices. One of the new concepts in cyber security is Zero confidence [confianza cero]: Consists of creating an environment in which none of the devices connected to the organization are assumed to be insecure. So when a device connects, it requires a series of steps before it can be enabled. This approach can also help those who work remotely.

Hagermann, after the interview in Madrid.
Hagermann, after the interview in Madrid.John Barbosa

s. No matter how much protection is in place on the devices, if a worker clicks where they shouldn’t, it can cause problems.

R was found. Effective way. Cybersecurity is about people, processes, and technology. It is not enough to have good software, you also need employees to know how to use it and how to manage their life online. I am often asked why the problem of cybercrime has not yet been solved. The answer is the same in the case of all other crimes: crimes have always been committed, so I think the realistic approach is not to try to eradicate cybercrime, but rather to make it a manageable problem. If you and I don’t know each other, we cross the street and you ask me for my credit card, I won’t give it to you. But on the internet, if you ask the right way, people will. We are less experienced with managing our online lives than we are with our physical lives. Therefore, it is necessary to train people in this field. Don’t click everything you see in an email, always check the source of the email before responding, and be wary of unusual requests…

s. the ransomware It is one of the main problems facing companies in the field of cyber security. How often do you advise your clients to pay the ransom that was demanded to unlock their systems?

R was found. It’s a very difficult question to answer. In general, pay a ransom ransomware Is this a bad idea. In a high percentage of push times, victims do not recover the data. The organizations whose data was hijacked are clearly not trustworthy and there is no guarantee that, even if you pay, everything will be resolved. We don’t have a hard and fast rule about it, and we say you should never do anything. Each case is unique.

s. Do you think we take cyber security seriously enough?

R was found. I think so. Most organizations of any size know that cyber security is a real problem, they are at risk, and they need to get it right because if they get it wrong, they could be in real trouble.

You can follow country technology in Facebook s Twitter Or sign up here to receive The weekly newsletter.

Subscribe to continue reading

Read without limits



Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button