Posted on June 29, 2023
In recent weeks, Ericom’s been out in full force at events large and small — at Infosec Europe, the Towerwall Information Security Summit in Boston, and Cradlepoint partner events throughout Europe. And what a comeback it’s been! We passed on the marching bands and dancing bears but at least at Infosec, a couple of magicians were on hand to wow visitors to our stand with clever tricks.
But the true magic at all recent events is in our powerful solutions for the thorny security challenges every organization faces today. If you couldn’t make it to our recent events or missed hitting our stand, no worries. We’re pleased to share highlights here.
Sean Martin of ITSP Magazine was on the spot at Infosec Europe with our very own Ravi Pather to discuss why security-forward organizations are still experiencing cyberattacks; which critical vulnerabilities their current security stacks are failing to address; and how Ericom solutions protect against exploits that detection-based solutions cannot stop.
Here are some highlights of their conversation. (Catch the full interview here.)
Ravi started by discussing how most organizations that have moved to the cloud have extensive collections of point security solutions, which address many security issues. Given this investment, Ravi and Sean focused on the obvious questions: “Why are companies that are investing so much in cybersecurity still experiencing cyberattacks? And what should those companies be doing to protect their operations, data and customers?”
The alarming fact of the matter is that cybercriminals are a year or two ahead of the solutions designed to stop them. By the time a solution is available to address the latest type of attack, hackers have already moved on to the next. Even advanced security solutions that leverage AI operate on the basis of known malware signatures and therefore fail to identify and block zero days.
Given that solutions cannot detect what they do not “know” they should look for, Ravi suggests a complementary model, based on prevention — especially prevention of the most common methods by which exploits are initiated, such as phishing and credential theft. Of course, detection-based solutions are necessary, since they filter out the bulk of threats – those that are already known. But they are not sufficient; an additional, prevention-based layer is needed to protect against unknown exploits.
Segregated networks that had no internet access used to be the only way to prevent zero-day attacks. Typically, these were used only in highly sensitive industries such as defense and then, only for high-risk data. This type of segregation is impractical and extracts a high cost in terms of productivity and frustration.
Today, with the vast majority of attacks initiated via the internet, in many different ways – clickbait, malicious documents, phishing and more — many organizations adopt a less extreme version of this approach. To maintain a high level of security, they block access to many high-risk sites. This frustrates users and generates tension between users and security departments.
In contrast, cloud architectures enable Ericom to provide a Zero Trust, no-interference approach to internet use. We give the users what they want – seamless access to whichever sites and apps they need, even those that might be classified as high risk – while isolating them from the “dirt” that’s on the internet.
An important capability in this regard is isolating virtual meetings like Teams and Zoom, since many organizations regard these now-essential tools as unacceptably risky. Ericom Virtual Meeting Isolation is the only solution that isolates all elements of these meetings – voice, video, screen sharing and chat to prevent malware attacks and data loss.
Today, many businesses want to allow partners, contractors and even, in some cases, customers to access their applications. That, of course, is a huge red flag for security teams, since they have no control over the devices that will be accessing sensitive apps. Ravi described Ericom’s remarkable solution for this use case, which isolates apps from the risks presented by unmanaged devices, without requiring any clients or agents to be installed on the device.
Finally, they got down to the nitty-gritty with Ravi describing how, as a cloud-based solution, a proof-of-concept environment can be established within minutes, and live users can begin to browse under isolation.
Ravi and Sean went on to discuss the qualities and capabilities of Ericom’s innovative, isolation-based Security Service Edge solution that led to Cradlepoint acquiring the company, and how the backing of Cradlepoint, a part of Ericsson, is enabling Ericom to accelerate its development efforts. Ericom’s Security Service Edge platform will also be the basis of the Cradlepoint NetCloud Threat Defense cloud service for fixed-site, remote worker, in-vehicle and IoT use cases.
Sound interesting? The good news is that if you missed us at Infosec Europe, you haven’t missed us at all. We’re happy to bring the show straight to you – contact us for a demo today!
The FBI-led takedown of Qakbot was an operation that involved seven countries. Malware was removed from 700,000 computers. But don’t think all that makes you safe.
Generative AI empowers its users to work fast, better and more efficiently. Alas, this includes cybercriminals, who are using malicious GenAI platforms to accelerate zero-day exploit creation.
Cybercriminals love the multiplier effect they get from attacking law firms: Hack in, and they get firm data PLUS juicy confidential client info.