In 2020, we’ve seen the rate of digitalisation accelerate faster than any year in history. This acceleration has come with implications for organisation’s and their cybersecurity posture. Today, organisations have a much more hybrid workforce than they did at the start of 2020. This has resulted in a dramatic shift in organisations looking at how they maximise productivity with teams working from home and the workplace. In addition, there is a big focus on making those workspaces (offices, factories, retail, etc.) safe spaces for those who occupy them. Technology is playing a major role in both these considerations. Wrapped around this, is the really important issue of cybersecurity. We often describe cybersecurity as the catalyst for innovation, because if you can’t get the security right, often the innovation can’t be implemented.
With digitalisation, more and more devices are being added to an organisation’s network. Every one of these devices represents an additional attack surface for the cybercriminal. The cybercriminals themselves are very much aware of this. More malware is released in a month than all the legitimate code in a year. It is not just malware, were seeing hackers use a variety of methods such as Ransomware, vulnerability exploits, phishing, drive-by-downloads, water holes, weaponization of adware, denial of service, bots, man-in-the-middle and exploitation of poor password management, to name some of the most common attacks. Moreover, attacks are becoming increasingly sophisticated with the use of AI, social engineering, plus the use of polymorphic and metamorphic malware attack techniques.
On the flip side, the cost of attacks seems to be going up. Figures I’ve read recently suggest the average cost of an attack across all sizes of business is somewhere between $3 million and $9 million depending on the source. Interestingly figures published by the Eight Annual Study of Cyber Claim Payouts reported that cyber insurance claims made by small businesses averaged $195K. We have to remember, that is actual accountable loss, not fixing the vulnerability. That is a huge amount for a small business to suffer. The evidence couldn’t be clearer, organisations that fail to achieve a strong cybersecurity posture risk going out of business. Fines, brand damage, loss of IP and loss of customer confidence are just a few of the reasons why some organisations who suffer a cybersecurity breach never fully recover.
Good cybersecurity relies on having the right knowledge and tools to keep cyber criminals out. It used to be that the best weapon of defence against endpoint attacks was antivirus software. However, the rise in the amount of malware threats is too much today for even the best antivirus scanners. One report I read this week suggested that antivirus products miss on average 60% of attacks. Hence, we’ve seen the development of purpose-built endpoint security solutions. These solutions forgo a chase-from-behind approach characterised by a reliance on signatures, product suites or pervasive presence, and instead proactively monitor and contain attacks using emerging technologies, such as security automation and machine learning. Endpoint protection can be broken down by:
- Those that are designed to secure endpoints before an attack
- Those focused on containing a breach after an attack (Endpoint detection and response (EDR).
It’s the former, proactive approach, where BlackBerry’s Cylance Technology mainly plays. The suite itself contains:
- BlackBerry GUARD – Proactive management, detection and response.
- BlackBerry PROTECT – AI End-point protection
- BlackBerry OPTICS – Detection and response solution
It is the last point that also makes BlackBerry highly relevant, given today’s hybrid workforce. Compromised Wi-Fi and domestic devices are becoming a common attack vector. Poorly secure gateways make information theft easy. Adversaries can hijack the Wi-Fi connection, inject malicious code, and then take control over systems or access data. One of the challenges we’ve seen with a large number of home workers is the fact the domestic routers and networks offer nowhere near the sort of security and protection as those used in enterprises. Sometimes the vulnerability doesn’t come from the router itself, but the other devices running on the home network. In a typical home you might expect to see a smart TV, a wireless printer, perhaps some sort of games machine, a personal assistant, wearable devices, personal phones, smart lighting, smart doorbells, or all manner of devices sharing the network.
Other devices from friends and family may occasionally connect to the home network when they pay a visit. These all represent a vulnerability and offer the cyber criminal a stepping stone to their ultimate target. There is a strong argument to help employees, particularly high target employees, make their home networks more secure and encourage better cybersecurity hygiene with personal devices. In this way, we are seeing a blend between personal and work, where a weakness in one area makes the other vulnerable. This also has deep psychological implications on how we view our relationship with work and the control work has over how we conduct and manage our personal life.
Accessing the BlackBerry Solutions available from Tech Data
In Europe, BlackBerry is a key strategic vendor for us in many countries. Adding BlackBerry's new solutions into the European cybersecurity portfolio makes a huge amount of sense. The solutions will be available to customers in Austria, France, Germany, Ireland, Switzerland and the UK. This is an excellent opportunity to start building up cybersecurity expertise.
BlackBerry’s machine learning and artificial intelligence technology is a strategic addition to BlackBerry’s end-to-end secure communications portfolio. Notably, its embeddable AI technology will accelerate the development of BlackBerry Spark, the secure communications platform for the Internet of Things (IoT).
To help you get started with Blackberry new suite of solutions, Tech Data offers enablement programmes around Sales and Technical Training. If you reach out to your Tech Data Account Manager in the first instance, they will help you get started.