Recently, IT World Canada sat down with Managing Partner and COO Ed Dubrovsky to discuss the state of cybersecurity in 2019 and a look ahead to 2020.
Dubrovsky sees some complacency in the attitude of Canadians and organizations. “We’re just accepting this is a risk,” as a result of the almost daily stories of breaches. “Unfortunately I don’t think there’s enough being done, still” by IT departments. “We don’t understand the threat actors are also ramping up both the damage they’re causing and the monetary demands.”
“Frequently when I’m at conferences I watch other cybersecurity experts give a talk, I look across the room and I see a lot of people tuned out — and I’m talking about leadership. That’s a problem because leadership needs to understand the risks are very significant.”
Looking ahead, Dubrovsky says in 2020 infosec pros will see more attacks using combined tactics, like ransomware that includes data-stealing capabilities by the Maze group and the strain of ransomware dubbed Sodinokibi, which also infects and uses anti-virus software for spreading malware.
Dubrovsky also sees hope, noting cybersecurity spending is increasing, although mainly in large organizations.
But, he adds, many organizations that are successfully attacked worry don’t worry enough about securing their systems. “The only thing they care about is how do we get our systems back” and not ensuring all vulnerabilities are plugged. Failure to do that, he warned, will mean the network will be penetrated again. “They don’t understand they are dealing with criminal organizations that are now very well funded, And not securing themselves against the next attack is really foolhardy.”