The People Behind Cybersecurity

Earlier in my career, I worked for an organisation called Endace, which focused on capturing every single data packet to provide continuous network recording and playback for forensic cybersecurity investigations.

This made me realise the sheer potential of this area and inspired me to pursue a career in cybersecurity to learn more. My passion led me to undertake a Doctorate in the area of “Security of Multiprocessor System-On-a-Chip” at the University of NSW in Sydney, which launched me into my Cybersecurity career.  

My current role at Fortinet is a continuation of my ongoing journey in this industry, which is to find more efficient, practical and comprehensive solutions for businesses.

As a leader of the cybersecurity engineering team, I engage in sophisticated research into both the digital landscape as well as individual organisations to find ways to solve security problems based on their unique circumstances.

Through an in-depth look at a particular business, my team and I able to uncover their security requirements and then focus on addressing those challenges with real solutions.

We find that businesses work best when we provide them with a bird’s eye view of their systems combined with insight into how to effectively manage vulnerabilities.  

One of the biggest changes we’ve seen has been the rapid adoption of Cloud technology, with businesses adopting a multi-cloud model built around public, private or hybrid cloud environments.

There have also been a lot of changes in areas such as device authentication, including biometric authentication via retina, face, voice, and fingerprint scanning.

At the same time, sophisticated technology such as IoT Smart devices, including Fridges, Voice Command AI and Wearable Tech, have become widely available and commonplace. While these are all fantastic advances, and offer us all a high level of convenience, they also come with associated levels of cybersecurity risks that businesses of all sizes must be aware of.

New technologies are great because they offer businesses more flexibility and utility; however, organizations often underestimate the threats that come with these devices.

For example, businesses protect their corporate servers and endpoints but forget all about the Smart Devices that they have deployed in the workplace that end up becoming exposed to cyberattack and then serve as a backdoor entry into their systems.

Unfortunately, there is an information overload of content out there, and people don’t have time to read all of it, let alone take the time to understand what it all means and consider how reliable it is. Which leads to cybersecurity issues being underestimated or forgotten entirely. 

Small to medium enterprises, in my opinion.

Bigger corporations have the resources to take the necessary precautions to protect themselves as much as possible. Smaller businesses on the other hand, often fail to consider themselves as a potential target. Additionally, they often don’t have the time, resources, or skillsets needed to assess, select, and install the right security measures needed to protect their intellectual property, and once they become a target, they often suffer financially as a result.

The best approach is to be actively thinking about the potential vulnerabilities of your business, especially if your business model is developing or is in flux. If you don’t know what or where to install the tools you need to keep your digital assets safe, you really ought to be consulting with someone like me.

We all take steps to implement physical security measures, such as locks and alarm systems, however many organisations don’t apply the same precautions to their digital assets, despite using them to conduct business every day.

I always recommend that owners take the time to educate both themselves and their teams about the threats out there in order to become more aware of how to keep their business safe. There are seminars, workshops and presentations all the time that are available and worth attending.

People can be the weakest link, and this most often happens through misunderstanding or underestimating cybersecurity requirements; so investing in closing this gap can really save your business.   

Unfortunately, I do envision further and more advanced threats. While financial motivations continue to drive a lot of cybercriminals behaviour, there are almost as many reasons why someone would target your organization as there are tools and methods to attack you with. The result is that you don’t exactly know who out there wants to exploit your information, so you have to always be vigilant. But what we do know is that as technology becomes more advanced, so do the potential attacks.

Fortunately, cybersecurity companies like Fortinet are always researching and refining the latest technologies, such as AI and automation, to use them to assist in detecting and guarding against new and changing threats.

In the highly digitalised world, I always tell businesses that things are moving fast, so they need to be open to change and remain well informed.