Miguel Hernandez y Lopez is a Cyber Security Engineering Manager and member of the CTO Innovation Office at Check Point Software Technologies. Miguel has over 20 years in the cyber security field. He was a member of the Honeynet Project, an international non-profit organization (501c3) dedicated to the investigation of the most recent computer attacks, and the development of OpenSource security tools to learn how hackers behave. He is co-author of the Security Compendium ´Cyber Security and Global Information Assurance: Threat Analysis and Response Solutions´ sponsored by the U.S. Air Force Academy, USA (ISBN: 978-1-60566-326-5). Miguel holds a Master of Science of Technology from Universidad de Buenos Aires.

In this Cyber Talk interview, Miguel Hernandez y Lopez discusses how the coronavirus pandemic has led to an increase in cyber security challenges, and he provides information about what to watch out for right now. In addition, get outstanding expert content that highlights how organizations can combat the latest wave of threats.

How has the coronavirus pandemic increased opportunities for hackers?

The digital transformation in companies in the last year has altered how organizations continue their day-to-day operations. Organizations have needed to adapt and protect themselves quickly, requiring cutting-edge, granular, and high-performance security in all environments. The pandemic gave way to an exponential increase in cyber attacks, mainly focused on users who now work remotely outside their corporate “security zones”, so to speak. Many businesses were forced to transition and reassign priorities within their cyber security strategy, and to consider security solutions that can cover all available attack vectors.

How have hackers taken advantage of coronavirus-related trends?

Hackers have taken advantage of users who are working remotely.  They’ve engaged in phishing, crypto mining and ransomware attacks, which have increased exponentially in recent months. From the sale of dubious vaccines on the dark web, to malicious sites, to downloads from infected applications, with the sole purpose of obtaining sensitive information from people…The transition in providing work tools to employees, went from on-premise applications to SaaS / PaaS applications and that is where a very large entry point opened, which can impact business operations for organizations.

Which types of computer viruses have become very common in the last 12 months?

We have seen that one of the vectors with the highest impact rate is the download of malicious executable files or infected MS Office documents, either via email or from malicious sites. That is why it is important that all employees must be protected across all of the different avenues of attack. The availability of cyber security safeguards for employees must be immediate, protecting them from advanced threats. Let us remember that an anti-virus is no longer enough. It becomes critical and necessary for businesses to have advanced security mechanisms for the detection, protection and mitigation of these types of attacks.

What are the top proactive steps that you recommend for businesses to take now?

Consider a cyber security strategy based on a SASE (Secure Access Service Edge) architecture, taking into account two important pillars:

First pillar: Business costs and functionalities

  • Cost reduction and operational burden
  • Cloud-centric technologies and architecture
  • Secure access to corporate resources

Second pillar: Security controls and user experience

  • Internet access optimization
  • Improvise security and reduce threats
  • Cloud adoption
  • Provision ZTNA (Zero Trust Network Access)

To cover this, Check Point’s SASE architectural model unifies six cloud-based security products to keep you 100% safe. Wherever you connect from, whatever you connect to, and however you connect – Your home, your devices, your privacy and your organizational data are secured and protected from any cyber threat. Any user, regardless of their location, or asset should be able to access any application, either corporate or public, in a secure way. Versatility, scalability, and user experience are of paramount importance.

How should organizations develop emergency communications in the event that networks experience an incident?

For this type of situation, organizations like Check Point have specialized incident response teams available 24/7 to accelerate the ability to contain any type of security threat, reducing response time, and mainly maintaining the business’s operation. After an incident, we can assist the end user in applying industry best practices to strengthen their cyber security strategy and provide intelligence on recent advanced threats that are being seen globally. If you have an incident, don’t hesitate to contact us at emergency-response@checkpoint.com

Anything else that you wish to share with the Cyber Talk audience

Given all of the news and security events we’ve seen, and the events that don’t make the news and stay private, what price would a CISO put on your business’s information? How much money would your company lose in having your operations stopped for 1 hour? Is it worth that risk? Don’t wait for your company to make the news. Get ahead and take action now to reinforce your cyber security strategy.