3 Cybersecurity Takeaways from CDW Canada’s 2022 Business Technology Expo
From a cybersecurity standpoint, many important insights were shared over the course of two days. In case you missed it, here are three of the top takeaways.
From June 7-8, we hosted our annual Business Technology Expo (BTEX), which included presentations, panel discussions and demos from over 60 top technology companies and CDW experts.
After two years of virtual events due to the pandemic, we were beyond excited to be able to host a hybrid event for the first time. Activities took place both in-person and virtually for one of the most engaging and integrated BTEX experiences yet.
From a cybersecurity standpoint, many important insights were shared over the course of the two days. In case you missed it, here are three of the top takeaways.
1) Observability, Resilience and Recoverability are Key
When viruses enter an organization’s systems, it can be helpful for IT technicians to think of their approach to cybersecurity as surgical. There are multiple steps to this approach, the first being observability. Much like a diagnosis, observability involves dissecting the anatomy of your data and the attack itself.
To get prepped for the ‘surgery,’ it is important for technicians to ask themselves the following questions:
- What is the sensitive data?
- Where is it located?
- Who has access to it?
- When did the malware enter the environment?
- What strain of ransomware attack was used?
- Have there been any deletions or modifications to the data?
After the surgery comes a treatment plan – resilience and recoverability. This involves quarantining data, restricting user access, retaining infected snapshots and restoring affected files through a clean recovery process, without mistakenly reintroducing the malware.
2) IT Takes a Village
There is strength in numbers, and it is important not to underestimate the importance of the human element –cybersecurity is most robust when a combination of systems and IT technicians are deployed.
Each system has a weakness, and many are rapidly becoming obsolete and out of date as modern technologies advance beyond their repair. IT technicians and staff also have their limitations, as most attacks take place outside of regular business hours. In addition, many elements of cyberattacks are outside the control of the defending IT expert, despite their talents. To ensure a fulsome, 24/7 approach to cybersecurity, organizations should adopt automation and understand that a combined effort between systems and humans is key to long term success.
3) Efficiency is Everything
Accidents happen, and when they do, an organization’s first response is critical. Malware continues to be a major threat to organizations, entering the environment 21 to 28 days before an attack, which makes reaction time even more important for organizations. Having a robust incident response plan in place is an effective way to ensure your organization is positioned to act quickly and responsibly. Response plans should be short, simple and accessible to even the newest or most junior member of the team. Response plans also should be tested and updated on an ongoing basis so gaps can be proactively bridged before malware has an opportunity to invade.
This underscores why practices like penetration testing are so important, and why leveraging a trusted third-party IT partner is necessary to better understand your security posture and protect your data and brand reputation. Whether you are a large enterprise looking for a security check-up or a small business unsure of where to start, a security assessment can offer peace of mind and identify vulnerabilities in your security posture that you may not have even known existed.