The notable shortage of cybersecurity specialists on the market in recent years has become particularly problematic in 2020. The pandemic, which has led to a widespread shift to remote working, has also highlighted the need to change security strategies at many companies. Even small firms have realized that the skills of their IT administrators are no longer sufficient to ensure business continuity and protect corporate information.
Management faces a choice: Hire an additional information security specialist or provide specialist advanced training to existing IT staff. Both approaches have merit, but the second is where we can help you out.
The changed threat landscape
The best person to explain what has changed since the beginning of social isolation and stay-at-home orders is your own IT administrator. The task of making remote work convenient for workers was foisted on IT departments, and in most cases they have been able to cope with the challenge, providing access to corporate information systems, setting up new services, and helping employees troubleshoot any difficulties that arose.
But within just a few weeks, it became clear to many that new processes required new security mechanisms. That happened primarily because all sorts of attackers became active, sending phishing messages and carrying out BEC attacks on employees working from home, although attempts to brute-force remote access tools have seen explosive growth as well.
Employees have complicated the situation. Finding themselves in unfamiliar and uncomfortable environments, many took it upon themselves to search for tools to facilitate teamwork. In many cases, they didn’t bother to seek IT specialists’ approval for the use of those applications and services, and they rarely showed much care in securing them.
As a result, IT administrators not only had to keep an eye on a bunch of new factors in their workplaces, but they also had to think of ways to make remote work as secure as possible. Gaining a deeper knowledge of today’s threat landscape and a better understanding of what is happening at employees’ remote workstations has become paramount.
How we can help
The Kaspersky Endpoint Security Cloud solution, which protects employee workstations, is one of the key tools in our arsenal. Because it works in the cloud and does not require additional hardware, it does not place an unnecessary load on IT resources. At the same time, the administrator can manage the solution from a single cloud console. One of its latest feature updates is a mechanism for detecting shadow IT systems, which are the very cloud services employees use to work with corporate data without informing their IT department.
However, our colleagues continue to improve the solution. Seeing that many administrators lack a full understanding of modern cyberthreats, they released a new experimental feature, Cybersecurity for IT Online, a training tool you can access directly from the same console. We’d say the course brings IT solution managers’ knowledge up to the level of a beginner security expert.
At the moment, training focuses specifically on improving understanding of malicious software. It teaches users basic malware classification and how to recognize dangerous and suspicious behavior, and it offers interactive tasks in a simulated environment. Students acquire the skills of an incident detection specialist.
The feature has been implemented in the beta version of the solution, and our experts are prepared to expand the range of available lessons if we see a demand for that. Another innovation in this version of Kaspersky Endpoint Security Cloud is product video guides, also accessible from the console. The guides will help employees set up the new solution without having to hunt through manuals.
To learn more and try out the demo version of Kaspersky Endpoint Security Cloud, you can download it here.