CYBERSECURITY: THEORY AND PRACTICE OF RELIABLE PROTECTION

CYBERSECURITY: THEORY AND PRACTICE OF RELIABLE PROTECTION

Mon, 05/31/2021 - 12:36

Kaloyan Vasilev, manager, on the working solutions that provide safety on the Internet

Kaloyan Vasilev, manager of CyberSecurity
Kaloyan Vasilev, manager of CyberSecurity

The security of your personal and corporate data on the Internet is possible – when you know how to do it and have the needed support. You will find it at CyberSecurity. The Bulgarian company offers complete solutions created with clients' real needs in mind: a full range of cybersecurity services, subscription programmes, virtual resources such as secure VPN and Proxy servers, educational resources and trainings, security analysis by the so-called Blue Team and Red Team.

Kaloyan Vasilev, manager of CyberSecurity, tells more.

Which were the most significant changes in the field of cybersecurity in the past year?

The freeing of office volumes and their replacement with mobile ones. The change started as early as 2019, when some companies, mainly IT ones, realised that it was cheaper to have employees working from home. Many employees left the offices for significant periods of time which created the need to provide all of them with company devices. This happened en masse in 2020. The migration of employees created additional problems to the companies' IT divisions: providing secure connection to office resources, controlling a large number of unsafe home networks, protecting devices from external attacks, protecting data.

2020 was the year of migration from personal to company devices and upgrading of new work conditions. Threats also changed. Employees are not in a single network and location anymore, which decreases the benefits of attacking office networks. The increased use of cloud services and VPN connectivity improved the security of transferred data and forced hackers to use more and more complex phishing attacks to acquire access to services and devices. As a result we observed some very successful attacks that compromised thousands of users each day.

Which are the biggest mistakes companies continue to make?

The lack of employee training and education remains cybersecurity's main problem. It does not matter what protection software you use. It will not help you if users are not aware of the threats on the Internet and do not know how to react.

Currently, problems have been multiplying. Before they concerned the office only, and now they concern each employee, their home network and devices, the household's accounts.

Another common problem is user configuration. Small companies still register users as administrators in systems with access to key corporate services. The bigger problem is the lack of understanding about the nature of the problem. It is not about whether the owner trusts the employee, but what the hacker would have access to once they hack the employee.

How can CyberSecurity help?

Our analytic reports objectively describe the identified problems. If you follow our recommendations you will have a very high level of protection. An employee training is a wonderful addition. If the analysis seems too complicated and you do not know how to implement its recommendations, we can do it for you. When you need the highest level of protection we have services such as VPN connectivity, a private Proxy, sensitive data encryption, traffic filtering and others. We can always add something new to your systems and data security.

What is the first thing that CyberSecurity does when starting a partnership with a new client?

CyberSecurity offers a rich range of services such as penetration testing, device analysis for unauthorised access, system security auditing, system and device configuration etc. The approach is different in each service.

In penetration testing we take the role of hackers attacking the systems. During device analysis we create an anamnesis of the client, as if we are medical doctors – how is the device used, was some strange behaviour observed, etc. On the basis of this anamnesis we seek signs for compromised security.

In conscription programmes we analyse the work method and used tools. Offering customised solutions is important for the clients and depends on the analysis of their work processes. We propose future solutions on the basis of this analysis. We configure the systems in accordance to the requirements, we train the employees and then we retire in the shadows. We are still present, if we are needed, but clients do not have to notice us to know that we are protecting them. If there is a problem, we will react as fast as possible.

Should we own the last generation of technology to be protected?

No. Newer devices somewhat guarantee better protection, but this might be misleading – if the used systems are old or badly configured the protection will remain low. Imagine this situation. Two drivers are driving in the country, facing the sun. The first drives a new car and is speeding up. The other is in an old car and drives slowly. The low sun blinds them both. The new car driver is shading his eyes with his palm. The one in the old car is wearing sunglasses. Who is in a riskier situation?

It is the same with devices. Old technology is slower, the battery dies more easily. But this does not mean that it is riskier. When correctly configured and equipped with new systems an old device can be much more protected and reliable than a new one. Of course, old hardware has its drawbacks, but when we take them into consideration things can be safe.

What is the difference between your Red Team and Blue Team?

The two teams are in a constant competition. The Red Team constantly tries to breach the protection, and the Blue Team constantly tries to improve it. Their approaches are radically different.

The Red Team relies on analysis from a hacker's point of view. They do not know what systems are used, how they are configured, who and how uses them. On the basis of collected data they initiate different attacks to overcome the defence, often using reverse and social engineering. For the Red Team it is important to breach the defence and to show there are weaknesses in it.

The Blue Team relies on systems' analysis. They know very well how they are configured and used, and seek weaknesses and ways to isolate them. They rely on reverse engineering to solve problems that have not been foreseen by the manufacturer. The Blue Team is also responsible for damage control during an eventual breach.

www.киберсигурност.бг

Web Exclusive

Commenting on www.vagabond.bg

Vagabond Media Ltd requires you to submit a valid email to comment on www.vagabond.bg to secure that you are not a bot or a spammer. Learn more on how the company manages your personal information on our Privacy Policy. By filling the comment form you declare that you will not use www.vagabond.bg for the purpose of violating the laws of the Republic of Bulgaria. When commenting on www.vagabond.bg please observe some simple rules. You must avoid sexually explicit language and racist, vulgar, religiously intolerant or obscene comments aiming to insult Vagabond Media Ltd, other companies, countries, nationalities, confessions or authors of postings and/or other comments. Do not post spam. Write in English. Unsolicited commercial messages, obscene postings and personal attacks will be removed without notice. The comments will be moderated and may take some time to appear on www.vagabond.bg.

0 comments

Add new comment

The content of this field is kept private and will not be shown publicly.

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.

Discover More

Yordan Iliev, co-founder and CEO of MY Synergy
MY SYNERGY: CREATING HEALTHCARE OF TOMORROW
Modern healthcare, both treatment and drug manufacture, is impossible without the IT technologies. But how an inherently conservative, regulated and monitored field like healthcare can be combined with the quickly developing and ever-changing IT field?

Lilly Todorova, manager and owner of LYLYT BEAUTY STUDIO
LYLYT BEAUTY STUDIO: HEALTHY, BEAUTIFUL AND HAPPY
The appearance of your dreams can be achieved only with complex and systematic care: cosmetic procedures and top-quality products, body sculpting and epilation, a healthy diet and being physically active, maintenance.

A Place to Call Home
A PLACE TO CALL HOME
We all crave living closer to nature, we all are tired of the noisy, busy urban environment. Those of us who cannot move permanently out of the big city have an alternative option.

ayva beauty
YOUR BEAUTY IS IN YOUR OWN HANDS WITH AYVA BEAUTY LED MASKS
AYVA Beauty is a revolutionary innovation that makes this possible at home. Maria Marcheva, manager and owner of AYVA Beauty, reveals more. For whom are the LED equipment and therapies offered by AYVA Beauty?

Miklos Schmidt, Global Head of Cargotec Business Services and General Manager of Cargotec Bulgaria
CARGOTEC BUSINESS SERVICES: NORDIC COMPANY CULTURE MEETS BULGARIAN TALENT
In ports, on roads or at sea, Cargotec is a Finnish company dedicated to helping businesses keep goods moving efficiently and safely by optimising cargo flows.

Dr Serdev
SERDEV CLINIC FOR SCARLESS COSMETIC SURGERY
When cosmetic surgery is concerned, there is no space for improvisation, experimentation and impulsivity.

103 Spa Hotel
103° HOTEL & SPA: THE FORTRESS OF HIGH-LIFE
The combination of comfort, functionality and style helps you to escape from everyday stress and monotonous urban living.

103 alpine exterior
103 ALPINE HOTEL: A FEEL OF EXCLUSIVITY AT THE FOOT OF THE RILA
103 Alpine embodies the idea of highlife living and redefines the idea of exclusive vacation at the foot of the Rila Mountain, far from the buzz of the crowds.

Magic outdoor
MAGIC OUTDOOR: THE MAGIC OF OUTDOOR ADVERTISING
Every step you take in the streets of Sofia and beyond, you absorb the messages of brands who have trusted the expertise of Magic Outdoor, a studio for wide-format digital printing, design, and advertising.

karanova silk pillow panda.jpg
SAVE RED PANDAS WITH SILK PILLOWS AND KARANOVA!
We at KaraNova are very happy and proud to announce that we took the initiative to adopt 2 red pandas, a species that is endangered by extinction.

Megapark
#OFFICE. LIKE. HOME. MEGAPARK REDEFINES THE OFFICE EXPERIENCE
What is the future of the office? For a year now this is the question that provokes discussions and analysis among business and real estate professionals.

Dr Stoyan Kazakov, DMD
DR STOYAN KAZAKOV, DMD: WHY YOU SHOULD NOT BE AFRAID OF DENTAL SURGERY
Dr Stoyan Kazakov, DMD, is one of the professionals who you should have at your side when your oral healthcare is concerned.