WEBINAR | A Deep-Dive into 2023 Cyber Threats
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
April 18, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
Like many of us in security, the last business trip and conference I attended was RSA in San Francisco, March 2020. It was then that we started to hear about how dangerous and fast spreading the “Novel Coronavirus” that causes COVID-19 was and slowly started to realize this was not going to be a normal flu outbreak. It was just after the RSA Conference that the world started to shut down and change drastically.
In 2021, the RSA Conference theme is “resilience”. That seems appropriate given the year we have had and the fact that the conference will be virtual. The term “resilience” like many terms in security can have many meanings depending on the context. In this post I would like to highlight the role resilience has played over the past year by highlighting trends and guidance that aligns with three pillars of security— people, process, and technology.
I am amazed by the resilience of people over the past year. The world has come together to fight the biggest pandemic of our time where to date, with over 150 million infected and over 3 million deaths, impacting everyone in the world. In addition to the impact on physical health, the toil on mental health and the world economy has been formidable. Through innovation we found ways to mitigate the spread of the virus and developed a vaccine in record time to save lives.
Working from home put a strain on IT and Security departments around the world, as they had to quickly evolve to the new reality. Some companies were already setup for remote work, while others had to quickly deploy new tools and infrastructure to keep their businesses afloat.
The impact on IT and Security organizations has forced organizations to adapt to a new world, where work-from-home became the norm, kids were also learning virtually, and nights out became takeout. Pew Research found that prior to the pandemic, workers who said their job responsibilities could be done from home rarely did so, only 1 in 5 said they worked from home some or all the time. However, during the pandemic this number jumped to 71% of workers doing their job from home, with more than half saying they would like to keep working from home even after the pandemic is over.
In addition to employees working from home, most companies also put a ban on business travel, forcing them to not only use Zoom for internal communications, but also to communicate with customers, prospects, and partners, which posed added security risks.
Many organizations have business continuity plans, but very few considered a global pandemic at the scale of COVID-19. As the seriousness of the pandemic was realized it forced organizations to review their business continuity plans, their IT architecture and for security teams, their overall security posture and incident response process.
The businesses that have survived were able to adapt to the change quickly, many of them were in the process of a digital transformation, migrating to cloud-based architectures, the pandemic accelerated this transition. Organizations that had not moved to a cloud-based architectures had to evolve quickly to survive, as hardware became difficult to acquire due to supply chain disruptions. The shift to remote workers and the cloud required security teams to revise their risk assessments particularly on assets and processes critical to the business.
Securing “work-from-home” at scale is a difficult transition for most businesses, particularly if they did not have anything established for remote workers prior. Here are a few recommendations that we have implemented at ReliaQuest with our customers to help them with the transition (but really they are foundational for security hygiene—regardless of the macro environment.)
Identify and Protect Critical Systems: In a remote work environment VPN (virtual private networks), Cloud environments and endpoint security have been identified as critical components to empower and secure remote work forces. Ensuring that these systems have the proper telemetry in place for monitoring as well as a vulnerability and patch management to keep these systems running and secure is critical.
Multifactor Authentication: Many organizations have established multi-factor authentication to secure at least parts of their network, however having to accelerate the rollout can be a challenge. Similar to prioritizing critical systems, organizations will want to prioritize users who have elevated privileges as well as those working with critical systems. For other users it is best to rollout in phases to ensure the IT and Security teams are coordinated and identify any bugs as things are rolled out.
Compensating Controls: Many tools critical to employees doing their jobs are on-premises only, and IT teams are having to open some of these tools up to remote workers. IT and security teams need to work together to ensure that as these applications are made available to remote employees that these apps are protected with additional controls, such as with VPNs (virtual private networks) and MFA as mentioned above. However, they will also want to gather more verbose logs from these systems as well for the security team to identify any anomalies. Often security teams may not prioritize these internal systems and opening them up to remote workers can increase risk without the proper controls in place.
Virtualization: Leveraging cloud-based virtual environments can make remote work easier for employees, as well as allow organization to get more out of the server and cloud infrastructure they already have. However, it is important to ensure that strong authentication policies are enforced.
During the pandemic, suddenly companies are forced to extend their firewalls and monitoring beyond the physical boundaries of their office. Company systems are being accessed from a wide range of devices, even personal devices. These changes can lead to compromise, data sprawl and other new vulnerabilities.
According to Gartner during the pandemic while technology budgets shrank by 8% overall the increased demand for cloud growth grew by 18%. Some of the challenges with moving to cloud based infrastructure often means lack of centralization and visibility, as IT and security teams need to both retool as well as learn modern technologies quickly.
The outcome is an inability to respond to detect and respond to cloud-based threats as the tools and threats in these environments is quite different from on-premises based infrastructure. In addition, compliance and privacy challenges don’t go away with the shift to cloud and organizations need to evaluate these requirements as they shift
Zoom and other teleconferencing solutions have become the real star of the pandemic. Counting both free and paying users, Zoom has 300 million daily meeting participants. That is an increase of 2900% since December 31, 2019, when 10 million daily meeting participants logged on. There was a challenge early in the pandemic with securing these meetings as many left them open to anyone which led to “Zoom bombing” and other threats.
As more employees are now working from home, some do not want to go back to the office and some companies are seeing the benefits of remote work and have even shut down their offices altogether. Although not every company will be that extreme, most companies will be slow to move employees back to the office and most believe there will be some element of remote work in the future. The forced digitization of COVID-19 has functioned as a test lab for remote work in many companies as well as a cloud transition. This transition has forced organizations to change how they approach IT and security to enable people to work securely as well as protect their customers. This change has had a significant impact on how organizations approach their security process, as well as the technology they use, shifting from a on-premises and centralized architecture to a remote/hybrid and distributed one. The question remains whether this will be the new normal, or will organizations revert-back to the way they were doing things before the pandemic, or will it be a hybrid of both?