ScienceSoft’s Penetration Testing Consultant: “Security Is Everyone’s Responsibility”

In the recent interview to Private Internet Access, Penetration Testing Consultant, CEH, Uladzislau Murashka told how ScienceSoft has become a one-stop shop for companies struggling with security challenges and dwelled on cybersecurity arms race he witnessed over the last decade. Uladzislau explained why “security is everyone’s responsibility” is a winning strategy and offered practical tips for the users with little technical knowledge to protect their data.

We gladly share several quotes here and invite you to read the full interview with Uladzislau Murashka on Private Internet Access.

“What do you love about working in cybersecurity?

First of all, it’s doing something that really makes a difference. Cybersecurity professionals are the shield that guards against the ever-evolving cyber threats. We help create a secure IT environment for businesses to grow and deliver better services and products. Also, security testing is rarely boring and offers endless room for personal and professional growth. To succeed, I need to think like a cybercriminal and stay aware of the state-of-art hacking techniques. Each project we partake in is unique: there are no identical IT infrastructures, different apps have their specific nuances, each industry has its own data security regulations, and so on. All this makes my job challenging but very rewarding.

How have cyber threats evolved in your time at ScienceSoft?

While cybercrime was always present, it has definitely reached new heights since 2014, when I joined ScienceSoft. In almost a decade since then, it has reached new heights. Simple malware like Trojans has given way to more complex ransomware such as NotPetya or WannaCry, and there’s no limit to the evolution of hacking technology.

Cybercriminals have always kept an eye on major changes in the society as well as digital technology and looked for innovative ways to take advantage of them. For example, they eagerly target new technology, such as IoT, VR/AR or blockchain, as they know that these domains lack security for now. The COVID-19 pandemic also turned out to be a golden era for cybercrime. The worldwide shift to remote work made corporate IT infrastructures more complicated, less controlled, and therefore more vulnerable. No wonder we witnessed a spike in security breaches at that time.

To sum it up, cyberattacks have been growing in number while getting more sophisticated and devastating. Of course, the capabilities of security tools have evolved as well. In particular, AI-powered solutions and security operations automation enable IT teams to efficiently detect and respond to cyber threats.

However, to win this arms race, we need to understand that security is the responsibility of everyone, not just cybersecurity experts. Organizations must nurture corporate security culture and adopt a security-by-design approach when developing their new services and products. Plus, we, as individual IT users, must stay vigilant and practice good cyber hygiene.”