fbpx

Think Like the Enemy

Sponsored Content by Think Systems, Inc.

 

Harish Siriparapu wanted to be a fighter pilot growing up, but when his parents deemed his dream too risky, he discovered a new way to take off in the field of international security. He would learn to employ assault tactics and conduct evasive maneuvers in the airspace of the new millennium: cyberspace.

Harish, who grew up in Chennai, India, discovered his natural inclination for cyber security at University of South Carolina, where he took an immediate shine to the tactical detective work required to combat hackers. “I really enjoy the investigations and forensics, searching for clues and answers,” he says.

Harish, who is based in Ellicott City, now leads Think’s efforts to stay one step ahead of the cybercriminals. It is a fight, he says, that requires constant vigilance against a target that never stops moving.

Q: What is the biggest cyber security issue companies face?

A: Cyber threats are evolving so quickly that if you recognize a relevant cyber threat in June, by August or September that information might be obsolete. IT professionals must constantly keep on top of new threats and how they can impact an organization. In the current business climate, companies are transforming their systems to be more versatile, flexible and accessible. They’re moving more information to the cloud to allow employees to work from home. Organizations need to recognize that any computer system change is going to significantly impact security. In an environment that’s evolving as rapidly as IT, it can be difficult to keep track of the changing risks in a changing environment. Controlling unauthorized access to your data – from either a cyber threat or phishing malware — tests your organization’s agility, and ability to identify and adjust protocols to adequately mitigate risk. To me, this is the biggest problem in the market right now.

Q: What is the goal of a cyber attacker?

A: It is all tied to money. Cybercrime is the second largest economy outside the legal economy. There are cybercrime gangs, and there are nation-state actors that attempt to hurt an entire nation by attacking its critical infrastructure or government institutions. There are very few individual ‘mischief makers’ trying to hack into people’s systems. Today it is all about people trying to profit from cybercrime.

Q: Where are these gangs operating?

A: Many hackers are believed to be in Russia, eastern Europe, China and North Korea. To hack, you need to have a good internet infrastructure, so many believe Russia is a huge source of cybercrime. Gangs have distinct signatures in the tools they use. Some ransomware is exclusive to certain gangs in Russia and eastern Europe.

Q: So, what is the impact on small and large companies?

A: In 2018, cybercrime cost companies $1.5 trillion annually. It is believed the average data breach will cost about $3.8 million. Small and medium-sized businesses suffer 43 percent of all attacks, and 50 percent of small businesses experienced at least one cyberattack in 2019. The percentage of all attacks that are launched on phishing is 91 percent.

Q: How should a company combat cybercrime?

A: First, you have to be aware of what’s happening. Subscribe to industry bulletins like InfoGuard and FBI lists. The Secret Service issues advisories when they recognize certain threats, educating the community about what types of attacks are increasing and what types of controls can block the threat. Second, IT professionals should constantly analyze new and evolving tools in the market and understand how technological advances can be used against whichever threats you face. Constantly be on the lookout, understand what is happening in the industry, understand what is happening in your environment and respond quickly. Security monitoring — collecting logs from all systems – is key.

Q. Where are companies falling short?

A: Many companies don’t perform adequate security monitoring because they’re put off by the price tag. It can be one of the most expensive components of a security program, but there are cost-effective ways to perform security monitoring. Third and most of all: train people to use the systems you’ve put in place. In the security world there is a saying that humans are the weakest link in the chain. You can have the smartest firewalls and email security controls but if your users are not adequately trained, your entire program could be defeated by your own users.

Q: What does a leading company do to ensure cyber security?

A: An ordinary company trains it workforce on best practices in cyber security, such as using encrypted email, but a leading company will build what is called a cyber resilient culture. In a cyber resilient culture you are training your workforce not only to detect cyberattacks but to be part of the response process.

Q: What news sources or blogs do you find indispensable in your line of work?

A: I’ve set up Google alerts for topics like digital transformation, cloud security, and more. Security Blvd and Dark Reading are also good publications.

Q: Where do you think cybercrime is heading?

A: We haven’t seen the worst of it. It is going to get quite bad out there. There are two areas that concern me: the types of environments getting attacked are increasing. Industrial technology has traditionally not been targeted, but when you connect the technologies used in manufacturing plants, these become targets. The attacks are getting deeper too. While we are building cyber security solutions for artificial intelligence and machine learning, the attackers are also building hacking tools based on AI and machine learning. It is a money-making industry and cybercriminals have a lot of money to invest.

Q: What advice do you have for companies facing these evolving threats?

A: Don’t put all your focus on operations like patching or compliance. That’s the bare minimum. The secret is to build a wholistic program. You need a team of well-rounded information security individuals who are able to tackle planning, governance, operations and compliance. In the small business market, companies need to either find someone who can handle all these facets, train someone to perform these functions or hire a virtual chief information security officer. Cyber-attacks are not just happening to the big guys: they are happening to small companies as well. The small business market needs to take cyber security threats seriously. The risks are real and getting more sophisticated every day.

About Harish Siripurapu

Harish is a Cybersecurity and Privacy Executive Advisor at Think. He brings over 16 years of cybersecurity strategy and operations management leadership, including Fortune 100 experience. Harish served as Director of Global Security at Sitecore, and previously PricewaterhousCoopers where he developed and implemented security strategies, transformed programs, responded to cyber incidents and critical regulatory findings (GLBA, HIPPA, PCI, DSS) instituting remediation plans.

 

You May Also Like

New AI Software and Tech News Source Launched by Miami Company

Neon Flux has established itself as a top-performing player in incubating and accelerating digital brands.

New Partnership Paves Way for Miami-Dade’s First Virtual Production LED Studio

It will be the largest in South Florida, offering immersive real-time environments, Unreal Engine, and in-camera motion tracking and rendering.

Amerified Launches in Miami to Aid Discovery of U.S. Manufactured Products

The main goal of the tech start-up is to support and enhance the acquisition of construction and infrastructure goods.

Other Posts

Tabit Technologies Opens Office in Miami

A Miami office with nearly 5,5500 square feet will operate as the new corporate headquarters for Tabit Technologies, a mobile-first hospitality platform. Tabit’s software implements mobile technology to provide a business process-oriented

Miami Real Estate Company Forms Partnership With California Tech Company

Aiming to revolutionize the Miami luxury real estate industry, Alyssa Morgan (pictured) recently launched her new real estate company, The Inside Network. The new business was created in partnership with San

Two Companies Join Boca Raton Innovation Campus

Boca Raton Innovation Campus (BRiC), a fast-growing technology and life sciences hub in Boca Raton, recently reached lease agreements with two companies to continue its expansion efforts. The new tenants

TSC Miami Receives Investment From Trilantic North America

Trilantic North America, a private equity firm, recently completed a substantial growth investment in TSC Miami. The investment is being made in partnership with TSC’s founding team, namely Billy Koorse, his

Drew Limsky

Drew Limsky

Editor-in-Chief

BIOGRAPHY

Drew Limsky joined Lifestyle Media Group in August 2020 as Editor-in-Chief of South Florida Business & Wealth. His first issue of SFBW, October 2020, heralded a reimagined structure, with new content categories and a slew of fresh visual themes. “As sort of a cross between Forbes and Robb Report, with a dash of GQ and Vogue,” Limsky says, “SFBW reflects South Florida’s increasingly sophisticated and dynamic business and cultural landscape.”

Limsky, an avid traveler, swimmer and film buff who holds a law degree and Ph.D. from New York University, likes to say, “I’m a doctor, but I can’t operate—except on your brand.” He wrote his dissertation on the nonfiction work of Joan Didion. Prior to that, Limsky received his B.A. in English, summa cum laude, from Emory University and earned his M.A. in literature at American University in connection with a Masters Scholar Award fellowship.

Limsky came to SFBW at the apex of a storied career in journalism and publishing that includes six previous lead editorial roles, including for some of the world’s best-known brands. He served as global editor-in-chief of Lexus magazine, founding editor-in-chief of custom lifestyle magazines for Cadillac and Holland America Line, and was the founding editor-in-chief of Modern Luxury Interiors South Florida. He also was the executive editor for B2B magazines for Acura and Honda Financial Services, and he served as travel editor for Conde Nast. Magazines under Limsky’s editorship have garnered more than 75 industry awards.

He has also written for many of the country’s top newspapers and magazines, including The New York Times, Washington Post, Los Angeles Times, Miami Herald, Boston Globe, USA Today, Worth, Robb Report, Afar, Time Out New York, National Geographic Traveler, Men’s Journal, Ritz-Carlton, Elite Traveler, Florida Design, Metropolis and Architectural Digest Mexico. His other clients have included Four Seasons, Acqualina Resort & Residences, Yahoo!, American Airlines, Wynn, Douglas Elliman and Corcoran. As an adjunct assistant professor, Limsky has taught journalism, film and creative writing at the City University of New York, Pace University, American University and other colleges.