HCL SW Blogs
Select Page

Last week, Kristin Hazlewood, general manager and vice president of HCL BigFix, participated on a cybersecurity leadership panel presented by CyberTheory. Following are comments made by Hazlewood around the topic: Cybersecurity Leadership: Continuing Issues amid an Extended COVID-19 Lockdown. 

Question: New waves of more complex malware that use devices or users as proxies in order to reach more valuable assets in corporate networks are some of the biggest potential threats during this lockdown. In this new reality, can we rely on new technology to react to new threats and can they be implemented quick enough? 

Hazlewood“Let’s not forget about the fundamentals that can be simply addressed by having those safety nets within the infrastructure to help maintain continuous compliance of endpoints. It’s so easy working from home for one of your children to ask to borrow your laptop for a moment, and you come back and low and behold, something has happened on your system.”  

Question: Over the previous few months, the cybersecurity community has observed numerous attack vectors that use a COVID-19 theme either as bait or as a way to conceal malicious activity from identification and detection. North Korean state hackers sent COVID-19-themed phishing emails to more than 5 million businesses and individuals in Singapore, Japan, the United States, South Korea, India, and the UK in an attempt to steal personal and financial dataWhat are we doing to leap-frog these new email phishing techniques? And is it purely a human problem or are there technology solutions that can help?  

HazlewoodIt’s a combination of training and technology. We have to keep in mind that today’s remote workforce are not all IT professionals – they are not as concerned about security. Then you add the heightened emotions around COVID-19 and people are even more susceptible to phishing attacks. It’s even more important now to have the proper IT and security infrastructure in place to help combat these attacks. Education is important, but we have to mindful of human nature. There are going to be some slip ups. Ultimately, phishing attacks are only possible if they are able to exploit an underlying vulnerability in an environment, so it absolutely critical that organizations have tools to help provide the visibility to any of these vulnerabilities so they can understand where they have risk so that they can take action. 

Question: Given our increasing reliance on Cloud computing, which issue is the most important from a cybersecurity perspective? An over-reliance or providers and insufficient diligence on behalf of end-users, the third-party reporting gaps (who does the SOC2?) or technical limitations like MFA or configuration management? 

Hazlewood“Step one is having visibility. There are many organizations that don’t know what their teams are running in the cloud. You can’t control and protect when you don’t know. We need more tools and education, and we are seeing more and more organizations understanding that there are more configurations and more risk. It’s a shared responsibility model between the organizations themselves and what the cloud providers bring to the table.” 

Question: While the increase in remote work has focused attackers on virtual private networks (VPNs) and cloud services in 2020, penetration-testing data from last year shows that many compromises were already focused on credentials as the best way to gain access to cloud infrastructure. Password spraying continued to be the top technique for external attackers. And patching for WMI and RDP exposures remain a challenge. What have you found to be the most effective approach in combatting this threat in a world increasingly dependent upon remote work? 

Hazlewood: “Passwords aren’t going away, but while we definitely want to move away from them, its making sure that we have secure and enforceable password policies, multi-factor layering in those behavioral analytics as well as that the principles of least privilege. That’s the first line of defense. Then discuss response and make sure that you have a way to respond when you see one these attacks happening. How do you quarantine systems? How do you get your organization together to respond?  

Question: What are the most critical components of your cyber security roadmap in 2021? 

Hazlewood: “Bringing together security and IT teams.” So often, the security teams have the knowledge and the tools while IT teams have the manpower to implement and enforce. In many organizations, we continue to see that disconnect, whether it is the usage of different tools, speaking a different language or having different priorities. Unfortunately, many breaches are a result of the two teams not collaborating as well as they would like, so the challenge for me is how do we make sure that those organizations are seamlessly able to work together and share the same tools.” 

View the full leadership panel here:

For more information, or an interview with Kristin Hazlewood, please contact Jeremy McNeive, Manager of Public Relations, HCLSoftware. 

Media Contact:
Jeremy McNeive

Comment wrap
Further Reading
Consolidating tools can help in uncertain economic times
Automation | March 27, 2023
Consolidating Tools Can Help in Uncertain Economic Times
“IT tool consolidation” refers to the process of streamlining an organization's technology stack by reducing redundancies and consolidating similar tools into a single platform.
US Federal Government Exerts Authority in Cybersecurity
Automation | February 28, 2023
US Federal Government Exerts Authority in Cybersecurity: Impacts Felt Around the World
Here, we highlight each of these actions and describe how HCL BigFix supports the government’s (and any organization’s) initiatives to strengthen the ability to prevent cyberattacks.
BigFix on Cloud
Automation | February 20, 2023
Accelerate Your Endpoint Management with BigFix on Cloud
As endpoints continue to grow in volume and diversity, managing and securing them has become more complex and time-consuming.
Filters result by