Cipher Podcast: Flexible Cybersecurity in Uncertain Times​

Uncertainty is the theme of the day. A recent report by Stanford and others underscores this point. There is an unprecedented amount of unknowns with regards to workforce size, remote work, business demand and more. At the same time, cybersecurity risk has increased. UK Director of Sales Gareth Jones joins the conversion to comment on how CISOs and business leaders are adapting and planning their resilient cybersecurity posture and “de-risking” their operations.

Cipher helps companies maintain a flexible and complete cyber posture by offering a Free Trial of CipherBox MDR. With no cost involved, companies can see how much more secure their operations can be. After becoming a customer, the cost can change as your cybersecurity needs increase or decrease.

Register for our upcoming webinar on the same topic scheduled for June 30, 2020.

Visit the podcast page for all episodes or listen on the platforms below.

Podcast Episode Transcript

Pete: Welcome everyone, my name is Peter Hackett.  I am the Global Program Director for Cipher.  For today’s Podcast we are going to discuss how Cipher can provide flexible cybersecurity services in these uncertain times.  I am joined by my colleague Scott Croskey, the Global Chief Information Security Officer for Cipher.  We are pleased to have with us Gareth Jones who is the Director of Sales for the United Kingdom.  Gareth joins us today from London.

Gareth, how are you?

Gareth: I’m doing very, well thank you very much for having me on your show.

Pete: Just this past week, the Federal Reserve Bank, Chicago Booth and Stanford University released their latest joint survey focused on Business Uncertainty.  This innovative panel survey measures the one-year-ahead expectations and uncertainties that firms have about their own employment, capital investment, and sales. The sample covers all regions of the U.S. economy, every industry sector except agriculture and government, and a broad range of firm sizes.

There’s no doubt that the current world events have resulted in an increased business uncertainty index.  Between February 2020 and May 2020, there has been an increase in the mean subjective standard deviation by three-fold.  This standard deviation takes into consideration three primary factors from surveyed companies:

– Projected sales growth for the next four quarters

– Employment rates over the next twelve months

– Capital investment rates for the next four quarters

Higher levels of uncertainty indexes occur when firms express less certainty about these three factors. 

So to sum this up, there is a high rate of unknowns ahead of virtually every business.

Gareth, you are a panelist later this month on a joint webinar between Cipher and FireEye on the cybersecurity considerations in today’s market.  What are some of the top things on the minds of C-Level executives today?

Gareth: From our conversations with the C-Level executives, the primary concerns they have are the spiraling costs of running their business coupled with the uncertainty of their trading environment post COVID-19. There has been a huge slowdown in global growth and consumer confidence and it’s taken as accepted that there will be large job losses going forward and many of these jobs will not be coming back.

Many organization’s in some industries were already suffering from a very uncertain trading environment prior to the pandemic (Retail and Aviation being primary examples of this); COVID-19 has exacerbated these fears exponentially.

‘Uncertainty’ is the key word here, there is uncertainty of the trading environment, there is uncertainty of revenue generation, there is the uncertainty of what the new normal will look like once we come out of COVID-19 and what companies will need to do and adapt to this new normal; and Cyber Security plays a huge role in that, as unfortunately, Cyber Attacks are one of the big growth areas to come out of the pandemic.

The 3 words that we are hearing most when we speak to clients are “I don’t know”, what they are looking for from their suppliers and partners is people to help them know, to give them a degree of certainty and to help them de-risk their operations.

Pete: Scott, we did a podcast in the past on some of the changes to the cybersecurity risk landscape.  Can you summarize the top risks?

Scott: Correct, a few months back we shared our predictions around cybersecurity challenges that would be faced by businesses as they rushed to implement a work from home model.  And as I suspected, our predictions became a reality.  As we saw the remote workforce taking company issues computer systems home, we received feedback from many of our clients and CISOs we work with about the challenges in keeping those systems secured.  VPN licenses were maxed out.  Patching computer systems is much more difficult when they aren’t on the corporate domain.  The lack of control of these remote workstations presents a huge opportunity for organizations to secure these endpoints using EDR agents, which Gareth will highlight later this this podcast.  Regarding other risks, our Cyber Intelligence platform saw a huge spike in COVID related domains being established, the vast majority for malicious purposes.  Some of those domains were also used for email phishing to scam people into applying for fake government loans or sending malware to their computer when they clicked what appeared to be a safe link.  There was a massive increase in usage of online collaborative platforms such as Zoom, Teams, Webex, etc.  Companies that had plans to migrate to the cloud had to increase their project timelines to support the remote workforce.  We have been and continue to help our customers out as they continue to see these and other challenges. 

Pete: Gareth, what are some of the adaptable cybersecurity services that Cipher is offering?

Gareth: This question actually follows on from how we are helping companies de-risk their operations; our partnership with FireEye for their endpoint detection and response product, when taken as part of Cipher’s Managed Detection and Response service, provides companies a flexible costs model that decreases as your staff headcount and user base does, and only increases when the user base does. Naturally, when companies increase their headcount, this is when their business performance has improved.

What this gives companies is a way for their Cyber Security costs to match their business performance, as opposed to before when companies would take on fixed annual cyber costs for staff and software which remain the same and can only go up, no matter what the performance of the business is. Crucially, the service provided has the same scope, this does not decrease at all, only the costs do – which is perfect in uncertain trading environments.

This is a great way for companies to deal with uncertainty and the new normal.

Pete: And why are these initiatives important for a company, especially in today’s environment?

Gareth: Scott touched on this earlier, unfortunately one of the biggest growth areas of recent years and during the pandemic has been cyber attacks. This has and will continue to put a huge strain on IT and security teams.

You can look at this by breaking it down into a number of areas, firstly let’s take resource requirements.

The companies that have been best able to survive the pandemic are the ones that are furthest along in the digital transformation process, these will be the winners of the future. However, Digital transformation infrastructure massively increases the attack service, meaning companies have a greater resource requirement from the cybersecurity teams; typically 247 cyber operations are essential – anything else is not an option.

But this has numerous problems in itself:

The Costs to operate a 247 security operation center at the very least, bare minimum, needs six people to cover the shifts and to cover staff sickness and holidays. In the UK just for the staff salaries alone you’re looking at £250,000-£300,000 (about $320,000 to $380,000 US dollars) then you have to add the cost of security hardware and software and staff training on top of that and you’re looking at at least 1/2 of a million pounds. This is just for the base minimum.

And then when you’ve got that all set up, any single member of your team could leave for another job by handing in their 30 day’s notice which will then take you at least three months to fill that role.

Then you have to ensure continuous training of your in-house staff and, you’re still working with a handful of human beings, who can only have a certain level of knowledge individually.

Add all this up and you have spent a small fortune and still have a huge risk to your operations – this just doesn’t make any sense whatsoever.

Think about it, what does every good business executive do when they identify an unacceptable rest of the business? – they remove it!

In-house SOC’s and the costs and the risk they entail just doesn’t match the new normal and the way we will all individually work as people.

Scott: And Gareth, I’m happy you brought up the shift to different work models.  I wanted to take a moment to highlight a new offering that our parent company Prosegur is delivering to the market.  They are deploying workplace safety devices to assist companies in the post-COVID-19 world.  For example, they have an automated temperature screening solutions that uses an advanced FLIR thermal camera  capable of monitoring temperature with maximum accuracy which can be manned by a remote SOC.  They also have an automated occupancy control solutions that can count store traffic and indicate occupancy levels.  Video analytics for monitoring in-store social distance compliance can also be incorporated. 

Pete: Thanks for that Scott, it’s good to show how Cipher and Prosegur can provide a wide spectrum of managed security and cybersecurity solutions.  Moving back to cybersecurity, Gareth, what other benefits do companies get when migrating to a service provider?

Gareth: Outsourcing to a Managed security service provider allows for them to provide a shared team of cybersecurity professionals to the client, a team that is focused on remote services to customers – Clients get a multi-million dollar SOC that they don’t have to pay for themselves; the just pay a relatively small service fee.

This approach allows for a shared knowledge of common threats and TTPs (tactics, techniques, & procedures) faced by multiple organizations from different industries.  It results in an increased efficiency and quality of analytics and response activities.  Furthermore, this grants the vendor the ability to develop best in class defense techniques which include detection signatures, playbooks, intelligence and orchestration approaches.

Pete: Thank you for your time today Gareth, I hope this podcast was useful for our listeners.  For any of our listeners who are interested in our services to include CipherBox MDR or our flexible EDR offerings, please reach out to us via our marketing department, which can be reached at [email protected].  Also, if you liked today’s podcast, please subscribe so that you can be automatically notified when we publish our next episode.

Did you enjoy this blog article? Comment below with your feedback.