Jordan Ellington, CTO and Chief Architect of SessionGuardian

Roberto Popolizio

Welcome to another interview by Safety Detectives, where experts from the best companies in the world analyze the current state of cybersecurity and online privacy in their industry.

My guest today is Jordan Ellington, CTO and Chief Architect of SessionGuardian, a company founded to address the pressing need for secure hybrid and remote access to highly confidential information.

Jordan’s career in enterprise application development spans over 30 years, focusing primarily on document collaboration systems for major corporate entities, financial services institutions, and prestigious law firms. Prior to his current role, he was co-founder and architect of an electronic Trial Master File (eTMF) system that hosted FDA-regulated documentation for clinical trials.

What are the most common or overlooked cyber threats and online scams that you see in your industry?

In the realm of document collaboration and remote access, the most common cyber threats include phishing attacks, ransomware, and unauthorized access due to weak identity verification processes. Overlooked threats often involve insider threats, where trusted employees or partners inadvertently or maliciously compromise sensitive information. While cyber attacks can be extremely sophisticated in nature, exploiting the human element is the most common and often the most productive attack vector (80%+ according to IBM and others).

What are some of the most creative or sophisticated online scams you’ve encountered in your career?

A recent and particularly alarming case involves a woman in Arizona accused of helping North Koreans find remote jobs in the U.S. by stealing American identities. She allegedly operated a “laptop farm” to make it appear as though North Korean IT workers were physically in the U.S. This scheme, which involved around 300 U.S. companies, generated nearly $7 million, potentially funding North Korea’s weapons program.

That’s an example of why we at SessionGuardian emphasize the need for continuous identity verification to ensure that only authorized individuals are accessing your sensitive information. This additional layer of security is crucial in mitigating risks introduced by such sophisticated and creative scams. By continuously verifying the identity of users, we can significantly reduce the chances of unauthorized access and protect against these evolving threats.

Have you or your organization experienced any cyber threats or incidents? If so, can you describe what happened and how it was handled?

Given the nature of our business at SessionGuardian, we are a primary target for cyber threats. We have faced several attempts, including DDoS attacks and phishing attempts aimed at compromising our systems. Each incident was handled swiftly by our dedicated cybersecurity team, employing advanced monitoring, rapid incident response protocols, and continuous improvements to our security infrastructure. These measures ensured that we could effectively mitigate the threats and protect our sensitive information.

Are there particular aspects of your industry that make it more susceptible to these types of cyber threats? Or do you think people just overlook/underestimate them? Why?

The legal and heavily regulated sectors such as financial services, healthcare and public sectors are particularly susceptible to cyber threats due to the highly sensitive nature of the information they handle.

📈Last year, 47% of all data breaches were in the healthcare and financial sectors.

Additionally, we often serve outsourcing companies that sometimes view cybersecurity as a profitability issue, resulting in a lower than optimal security posture, especially with remote BYOD workers. Many organizations in these sectors often underestimate the sophistication of modern cyber threats, believing that traditional security measures are sufficient.

We are working to change this paradigm by adjusting the cost model so that cybersecurity expenses are charged back to the end-client, who is typically more than happy to have better security for a marginal cost increase. This approach not only improves security but also aligns the financial incentives with the need for robust protection.

The prospective cost of a breach far exceeds the licensing cost of SessionGuardian.

What lessons have you learned from dealing with cyber threats and online scams in your career?

One crucial lesson is the importance of continuous education and awareness for all employees, as human error is often the weakest link in cybersecurity. Additionally, implementing multi-layered security measures and staying vigilant against emerging threats are vital. Regularly updating and testing incident response plans ensures that we are prepared to handle any breaches effectively.

Are there any cybersecurity tools and practices that you or your organization rely on?

SessionGuardian relies on a suite of advanced cybersecurity tools, including endpoint protection software, intrusion detection systems, and continuous identity verification technologies. Beyond the standard security best practices that an ISO27001 certified cybersecurity company employs, we also use our own SessionGuardian software to protect our client’s information when it is accessed remotely. These tools work in tandem to provide comprehensive protection against a wide range of threats.

Some of my favorite practices include regular security training sessions for employees, strict access controls, and implementing the principle of least privilege*. Additionally, I advocate for routine security audits and vulnerability assessments to identify and mitigate potential risks proactively.

This approach helps to mitigate the risk of data breaches and other security threats by reducing the attack surface and limiting the spread of malware by ensuring that users have the bare minimum privileges required to complete their tasks.

* The principle of least privilege (POLP) is a cybersecurity approach where users (either human or non-human) are granted access to only the data and resources necessary to perform their daily functions. POLP can also be called the principle of minimal privilege, the access control principle, or the principle of least authority.

How do you balance the need for cybersecurity with other business priorities?

As a cybersecurity company, we need to lead by example, ensuring that our own security measures are robust and exemplary. By embedding security into the development lifecycle and promoting a culture of security awareness, we ensure that cybersecurity measures complement rather than hinder business operations. This commitment to excellence in our own practices not only protects our assets but also instills confidence in our clients and partners.

What new trends related to cyber threats and online scams have you observed recently?

Recent trends include the rise of AI-driven cyber attacks, where machine learning algorithms are used to create more sophisticated phishing and malware campaigns.

There is also an increasing focus on targeting supply chains and third-party vendors to exploit weaker security measures. Additionally, the growing adoption of remote work has introduced new vulnerabilities that cybercriminals are eager to exploit.

At SessionGuardian, we believe that adding a continuous identity verification layer to the authentication process limits the risk introduced by these new AI-driven security threats. This proactive approach enhances security by ensuring that only authorized individuals have access to sensitive information at all times.

To Learn More about SessionGuardian

Website: https://www.sessionguardian.com/

LinkedIn: https://www.linkedin.com/company/sessionguardian

X: https://twitter.com/sessionguardian?lang=en

About the Author

With over 13 years of experience in managing digital publications, Roberto has coordinated over 5000 interviews with the biggest names in cybersecurity, AI, cloud technology, and SaaS. Using his knack for communications and a growing network of cybersecurity leaders, he provides newbies and experts alike with beyond-the-fluff online privacy tips, and insider perspectives on the ever-evolving tech world.
