Redsquid's new Apprentice Interviews Triumph's Managing Director
Redsquid’s new Apprentice Farhan interviews Cyber Security specialist Dave, our Managing Director of Triumph, to discuss the different threats to your business and underlining the security measure you need to put into place to secure your business. With 20 years of experience he’s a wealth of experience and knowledge of best practise for everything cyber security.
For Redsquid’s 15 year’s anniversary we are conducting a series of interviews with some of our team members- each with a different specialist and topic. 1st up, an interview with Dave, our Managing Director at Triumph, who we merged with in June. Read along for the interview conducted by our new apprentice Farhan.
What do you believe are the biggest threats in cybercrime right now?
The biggest threat to businesses is the end users, which we find behind the screens. Cyber criminals find it easier to hack end users rather than actual hardware and systems. As humans we make mistakes every now and then, which means we’re easier to attack and therefore more exposed. Because of that, businesses need to keep training their end users. Therefore, businesses needs to make sure users are kept up to date with new threats and educate them on how to handle those situations. Most importantly, we need to encourage the end users to report any suspicious activity to their IT teams.
As an apprentice you’ve been through end user training at Redsquid, it’s given you some insight on how accessible company information is. Now more often than not, the systems and devices are too hard to access for a hacker. Because of this, they rely on users to make mistakes for them.
With 20 years of experience, what trends have you seen in cybercrime?
The obvious trends is the increase we’ve seen throughout the recent years. I’ve seen it progress from Malware and Viruses to more social engineering types of attacks. A common one is when hackers pretend to be someone else on the phone or email as a means to contact you, pretending to be someone you know. On the other hand we’ve got different types of attacks such as, when the accounts team will get an email supposedly from their FD or MD asking them to transfer funds to a suppliers account. This example of-course isn’t from the FD or MD, it’s from the scammer. However, trends will continue to chance and we will see social engineering be something more visible. This could come in form of a USB stick. There have been cases where people have left them out in a car park, and without a doubt people will use the USB. It plays with people curiosity a little and then becomes a much bigger problem for businesses.
Crypto Locker attacks are also still very prevalent. This is essentially a virus that will display a warning on the screen, which indicates that your data will be destroyed. Say you were not to pay the ransom you’ll not obtain the private key.
What can businesses and individuals do to prevent cybercrime?
Businesses shouldn’t assume they are safe. The next proactive step for a business that is worried or just curious about their cyber security, they should get a security review done and action the urging points. Cyber Security might not be the first thing on your mind. However, it’s one of the most important things and can make or break a business.
Whether I feel businesses think they’re at risk or not, I would say it’s dependant on the different types out there and what data they store. There’s some classic garage books out there that aren’t too at risk for an attack, because they store their data in books. However, other businesses process health claims. They will be storing extremely sensitive data and are acutely aware of the dangers. A breach for them will put the business under, so they are very much aware of this.
There are many dangers within cyber security. This is why end user training can really make the whole difference. Throughout my years I’ve definitely found that having that worry about security will instigate action.
For businesses starting out with implementing cyber security, we have created a security checklist to follow.
What technology do you think is key to help us protect businesses?
Multi-factor Authentication, this is a key one. Essentially that means to access a resource in your platform, you need to prove who you are by having that system linked to your smart phone. For example if you try and access your Gmail account through another device that you’re not frequently using. You will then be sent an email via your phone which confirms it’s you trying to access your account. A common way hackers are getting access, is from guessing usernames and passwords, that’s when dark web comes into play. Information is accessible through the dark web, essentially if hackers wanted valuable information, they have access to it. That’s why it’s vital to have a secure and strong password. Luckily, there’s material out there to guide you on how to make a secure password.
I would extend from that and say no matter what security technology you put in, the only real safeguard is good back-ups. So even if your main server was hacked, you’ll essentially have a backup. Consequently, the hacker would have your company information, however you wouldn’t be completely locked out. So having a good back up system means you can always get your data back that way.
As Managing Director of Triumph, how will this merger with Redsquid change the business as a whole?
From this merger we will achieve improved customer experience. We will have a broader set of services, more specialist people in more relevant areas. From doing this it will help improve efficiency for the customers and us. As a result of this merger, we’re part of a much larger team which means more creative power and collaborations on projects for our customers. This means we can offer a wider variety of solutions. Which will result in more specialised team members and allow us to deliver projects better for our customers.
Now when it comes to being part of Redsquid, this is the part I’m really excited about, becoming a part of a larger team. I love working with people and getting new ideas. When you work in a team, it doesn’t matter who gets us there, it’s doesn’t matter where those ideas come from as long as we get there. Having a larger team would then mean we come up with better ideas, products and do a better service. And with team work there needs to be frequent and constant good communication between Redsquid’s team and myself. For a lot of our ideas and projects to be implemented, communications needs to be there. I’m more than excited to come together and talk about these projects.
To conclude, Dave has talked through the different types of cyber crime. From social engineering to the dark web. From crypto locker attacks to Multi-factor Authentication. As a new Apprentice, I thought my first couple Interviews would be important so I chose Triumph’s Managing Director as a qualified candidate for my research. Since it’s the 15 years anniversary of Redsquid, we thought it was exciting to interview our team members. We are now part of this merger and I thought it would be interesting to do an interview with a Triumph’s Managing Director. I thought this topic would be interesting to look into and learn about. I’ve learn’t the essential part that security plays within a business when it comes to them feeling secure. Cyber Security seemed fitting as a topic since it’s such an interesting and crucial subject which can make or break a business. Getting to know the Managing Director of Triumph has been a great way to start my apprenticeship and can’t wait to collaborate with him more and do more Interviews in the near future.