Juan Carlos García
Director
Mandiant
/
View from the Top

Preparation Is the Name of the Game in Cybersecurity

By Sofía Hanna | Thu, 12/09/2021 - 15:16

Q: Why is Software-as-a-Service (SaaS) the best option for cybersecurity solutions and how has Mandiant taken advantage of this opportunity to grow in the market?

A: SaaS is among the best options in the market because companies do not have to invest in the whole package. They can reduce capital expenses, focus on their strengths and receive the service from an expert in the field.

SaaS, however, is not the only option. In order to better respond to a cybersecurity risk, companies first need to define their security posture. After that, they can decide how they will implement the actions needed to cover the gap between the current situation and their desired posture. SaaS is a good choice but it is better to take a more holistic approach. 

 

 

Q: How knowledgeable are clients about SaaS solutions and their benefits in terms of investment and service?

A: With the pandemic, many companies were forced to undergo a digital transformation that was faster than they were prepared for. One year ago, many companies sent their employees home to work remotely. That accelerated the pace of the digital transformation because companies suddenly had to be more digitally oriented. SaaS is a good alternative to reduce costs because it is an easily implemented solution. Instead of having everything on-site or on-premise, now companies can use solutions that are on the internet.

 

 

Q: How hard is it to train employees to avoid cybersecurity traps such as phishing? 

A: It is not easy to create a cybersecurity culture in an organization. Most people are not very careful so the creation of a cybersecurity culture has to be consistent, continuous and long-lasting. Cybercriminals are very creative. They are continuously finding new ways to enter our systems. It is necessary to convince people that they need to be careful not only in the office but in their own lives. Today, it is even worse because never in history have so many people worked remotely, so cybercriminals are having a wonderful time.

 

 

Q: What does Intel Grid represent beyond your market experience? How does it translate to your platform?

A: Our approach uses three elements. The first are our products, which protect endpoints, networks and emails. The second are services focused on responding to a cybercrisis or an attack to define the company's security posture. The third is the cyberintelligence generated by Mandiant. We perform over 2,000 investigations per year into how criminals act and what are their tactics, techniques and procedures (ttp). We use that information to predict what will happen. Cyberintelligence is in our DNA.

 

 

Q: How attractive are your consulting solutions and how do they complement your offering?

A: Our customers’ profile defines our portfolio. If a customer is under attack or has already been attacked, we have services that respond right away. We get there, identify, contain, remediate and close other gates to these criminals. We also offer more proactive services. We do an extensive investigation because companies never know where criminals are going to be. That's why we believe that it is better to check everything.

 

 

Q: What are some of the top cybersecurity trends to watch for in 2021? 

A: We expect attacks to increase, especially ransomware. The problem with ransomware attacks is that many companies do not know how to deal with them. They do not have patches, so when they are attacked, they do not have any other option than to pay. This is probably the worst thing a company can do because if it pays, it motivates cybercriminals to continue. Prevention is key. Everyone is exposed and the possibility of being attacked is higher than ever. The name of the game is to be prepared to respond and recover as soon as possible. The main problem in Latin America is that the risk culture is very low. Most people wait for something to happen before taking action and by then it is probably too late. 

 

 

Q: In which business sectors have you found it most difficult to help protect business information?

A: Historically, cybercriminals have targeted the financial sector and insurance companies more often, so those are the main focus of attack and protection. But those organizations are generally more conscious about cyberattacks and are taking constant actions to be protected. Criminals are more likely to attack an easier target, which is  why sectors like retail, manufacturing and utilities should be more careful. Health and industrial systems also face many risks. Everyone is exposed but organizations that do not have a strong compliance structure should be on the lookout.

 

 

Q: What points can be improved, and what stops them from having already been achieved?

A: In the first month of the pandemic, many employees connected through their own systems because they were working from home and their employers never expected to have to deal with remote workers. Those systems did not have the minimum protection; they were not even close to the security policies they were supposed to have. The gap was huge, especially at first. 

The number of attacks and attempted attacks rose dramatically within a few months so the need for companies to change their cybersecurity strategy was of the utmost importance. Some did it well and others did not but companies are more aware of this matter now. However, the creativity of cybercriminals improves every day and it is not easy to keep up. Cybercriminals collaborate to develop complex and sophisticated threats and the only way a company can protect itself is to be prepared.

 

 

Mandiant provides solutions that protect organizations against cyberattacks by globally leveraging innovative technology and expertise to deliver a broad portfolio of solutions and security services. 

Sofía Hanna Sofía Hanna Junior Journalist and Industry Analyst