ScienceSoft’s Head of SIEM: “SMBs Are a Very Common Target”

In the recent interview to CyberGhost, ScienceSoft’s Head of SIEM Department Dmitry Nikolaenya explains how our security team helps prevent corporate data breaches, speaks about major cyber threats targeting SMBs, and explores cybersecurity challenges of mixed reality.

We are proud to cite the selected parts of the conversation here. You are welcome to read the full interview with Dmitry Nikolaenya on CyberGhost.

“What are some of the biggest cyber threats that target SMBs that you’ve seen, and is there any way to prevent them?

Owners of smaller businesses may mistakenly think that hackers only attack large companies. In reality, SMBs are a very common target: while they often have the valuable data that cybercriminals hunt for (financial information, personally identifiable data, intellectual property, etc.), they are likely to lack the necessary cybersecurity skills, polices, and tools to reliably protect this data. The most common threats that these companies face are phishing attacks, malware, including ransomware, and security breaches due to human error.

To minimize the likelihood of a security breach, SMBs should therefore first and foremost build a security culture within the company: raise employees’ cyber awareness through training and conduct social engineering tests to see how well they can respond to real-world attacks. Up-to-date security tools (e.g., firewalls, antimalware, IDS/IPS, SIEM) that help prevent or detect malicious activity is definitely a must for a company of any size.

To build a well-rounded IT security system, SMBs should undergo a comprehensive security assessment of their IT environment. It will help identify weak spots (poor or missing security policies, network or software vulnerabilities) as well as define and prioritize the required remediation measures. Having their IT security managed by a reliable vendor is often the best strategy for SMBs, as it gives easy access to a vast pool of advanced cybersecurity skills and tools while offering affordable pay-as-you-go pricing.

I see that ScienceSoft has a division that works with mixed reality – can you talk about some of the cybersecurity challenges that occur in this realm?

Mixed reality apps often gather a huge amount of personal data about their users: their location, surroundings, activities, even health information. As the devices that support MR (smartphones, headsets) commonly rely on Bluetooth and Wi-Fi, hackers can perform man-in-the-middle attacks to intercept sensitive information. Depending on the kind of information they manage to get, they can use it for sophisticated social engineering attacks, identity theft, or even to blackmail the user.

Plus, malicious actors may disrupt the availability of MR infrastructures with ransomware and DoS attacks or manipulate the mixed reality content – that can endanger critical operations like surgical procedures or safety checks at manufacturing sites.”