VP & GM for Advanced Threat Detection, Mimecast
User Name
Boris Vaynberg
-
Boris Vaynberg
Boris Vaynberg is VP and GM for Advanced Threat Detection at Mimecast. He was CEO and co-founder of Solebit prior to being acquired by Mimecast. He brings more than a decade of operational expertise in leading large-scale cybersecurity projects in the civilian and military intelligence sectors. Boris’ experience also includes positions at Elbit Systems’ Intelligence and Cyber Solutions division and Comsec Consulting’s Information Security division, where he was responsible for product management, business development, marketing and sales of numerous multi-million dollar security solutions. Prior, he worked in the elite technology unit of the Israel Defense Forces (IDF), where he led a number of teams in both offensive and defensive cyber security.
Related Articles
-
The Get Cyber Resilient Show Episode #22
This week Gar is joined by Prescott Pym, Operations Director for Network Security at Verizon and self confessed ‘cyber-holic’.
-
The Get Cyber Resilient Show Episode #21
Gar O’Hara is joined once again by Dan McDermott and Bradley Sing for the June monthly roundup episode.
-
The Get Cyber Resilient Show Episode #20
Gar is joined this week by Luke Francis, the Channel Director for CrowdStrike in Australia and New Zealand.
Global Attacks Abound
Content
No government is safe.
There seems to be a resurgence of interest in the belief that the world is flat despite all evidence to the contrary. Cybercriminals on the other hand, understand all too well that the Earth is actually boundaryless in cyberspace and ripe for plunder on a global level, especially when governments get involved.
Political Targets
While the 2016 Russian hacking of the US elections has become legendary and still makes news in the courts, it appears that the US is not the only political target.
Here in Australia, the ABC reported in February:
Quote
“Canberra was shocked yesterday when the Government's top cyber security official confirmed there'd been a hack of the computer networks in Parliament House, and on the three biggest political parties, saying it was certainly carried out by a foreign power.
Content
That power is now widely suspected to have been China. Another recent political attack was reported by the BBC in January:
Quote
“Hundreds of German politicians, including Chancellor Angela Merkel, have had personal details stolen and published online. Contacts, private chats and financial details were put out on Twitter that belong to figures from every political party except the far-right AfD. Data from celebrities and journalists were also leaked. It is unclear who was behind the attack, which emerged on Twitter in the style of an advent calendar last month."
Content
The US-based Center For Strategic & International Studies (CSIS) has been tracking cyberattacks on government agencies, defense and high tech companies, or economic crimes with losses of more than $1 million since 2006. You can read their 34-page list of significant incidents spanning globe and quickly realise that no boundary truly exists in the war on cybercrime.
Cyberattacks Cross All Boundaries
While costs can be staggering. The National UAE reported that “We are in a war with no boundaries” and goes on to quote a cybersecurity expert:
Quote
“In cyberspace there are no national boundaries, and attackers needn’t be a country or organisation,” said William Hagestad, a researcher in cyber security intelligence at Red Dragon Rising Publishing in the US. “They can be anyone with a computer, mouse and keyboard and the will to do harm."
Content
Because these cybercriminals operate across country boundaries, they become almost impossible to catch and prosecute. According to CSO online:
Quote
“Jurisdiction, jurisdiction, jurisdiction. This is the No. 1 barrier to prosecuting cyber crime. Most of the time, the person committing the crime is located outside of the country (or at least outside the legal jurisdiction of the court and prosecutors seeking the conviction). It’s hard enough to successfully prosecute a cyber criminal if they originate in the same jurisdiction as the victim, but close to impossible when both reside in different locations."
Content
Prevention is Superior to Remediation
It seems to be a blatant statement of the obvious that prevention is superior to remediation, but why is it that most CISOs still rely on IT security protection instead of prevention?
At this stage, you should be considering only solutions that use deep inspection and analysis methods which can interpret and detect malicious code in real time and immediately block threats, preventing unwanted code affecting your IT infrastructure is the only way to go.
Your solution should ensure that every line of code is evaluated, making evasion techniques ineffective. Bottom line is that your organisation will be better protected from attack-for-hire services.
EN Hreflang tag
Comments:0
Add comment