Code42-Time-to-Bring-Shadow-IT-Into-the-Light

It’s Time to Bring Shadow IT Into the Light

Mention shadow IT to most enterprise IT and security professionals, and you are likely to elicit a frown. It’s understandable. At its worse, shadow IT, such as an unsanctioned server or cloud storage service, operated (shall we say, less than ideally) by business managers, can place systems and data at serious risk.

However, there’s another side to shadow IT. Shadow IT allows staff to choose their cloud apps and services, which helps improve productivity and drive innovation. Not to mention increase employee happiness. 

Still, shadow IT can and does pose significant risks to the organization, such as with the poorly managed server we mentioned. When users decide what cloud services they’re going to use themselves or how to collaborate with co-workers, IT loses visibility into these systems and data. Ultimately, what this means is enterprise data is scattered across multiple cloud services, and visibility into vitally important data is lost. Not good.

“ According to Gartner, shadow IT comprises roughly 40 percent of enterprise technology purchases. That is, business leaders decide, manage, and control nearly 40 percent of technology purchases. ”

After all, if IT doesn’t know a technology is in place, then it’s impossible to secure it or the data it holds. And it’s impossible to know who is accessing that data and why. 

Regardless, shadow IT is a permanent part of the enterprise landscape and IT and security teams need to adapt. According to Gartner, shadow IT comprises roughly 40 percent of enterprise technology purchases. That is, business leaders decide, manage, and control nearly 40 percent of technology purchases.

That much technology and the data it holds can’t remain to lurk in the shadows. 

We know why business users are so quick to embrace shadow IT. It can often take weeks or months for IT departments to deploy new servers or applications. But with only a credit card, business users can access cloud applications and services within minutes. 

The question becomes, how do IT teams harness that innovation from their staff, while also ensuring their data is adequately secured and protected?

They need to bring it out of the shadows. 

The first step is to assess what shadow applications and cloud services are in place so that there is an accurate baseline of the cloud applications and services in use.

There are a number of ways to achieve this, and the best method depends on the nature and size of your organization. You could start with a simple survey of the business groups to collect information on the applications they are using. Or you could begin by monitoring traffic and endpoints to see what applications are in use and where data is traveling. 

However you establish your baseline, the important thing is to get started. 

“ Now that you’ve identified shadow IT, whether it be cloud apps, storage or platforms, the goal shouldn’t be to reprimand or shut down these services. It should be to ensure the services that the staff has chosen are correctly managed and secured. ”

Now that you’ve identified shadow IT, whether it be cloud apps, storage or platforms, the goal shouldn’t be to reprimand or shut down these services. It should be to ensure the services that the staff has chosen are correctly managed and secured so that IT and security teams have adequate data visibility. That is, they can see what data is flowing to these services and ensure access to that data is controlled, and that the data is protected and recoverable. 

This way, when that poorly managed server is uncovered, it can be an opportunity for an educational moment. Staff can be made aware (or reminded) of how vital patching and systems updates and properly monitoring systems and data are to the security of the organization. And rather than taking the server down, IT can then monitor and properly manage it. The same is true for all cloud services and applications. Rather than trying to ban them all, manage them. 

One way to manage them is to use a solution like Code42 Next-Gen Data Loss Protection. It was built to collect information about every version of every file, giving businesses full visibility to where data lives and moves — from endpoints to the cloud. With that kind of oversight, security teams can monitor, investigate, preserve and ultimately recover their valuable IP without having to block data use or rely on the restrictive policies that are part of traditional data loss prevention (DLP). Instead of security teams working with limited visibility to a subset of files (when they need to gauge the risk of all their data) or hindering employee productivity, next-gen DLP helps them foster open, collaborative work environments.  

When shadow IT is managed in this way, the organization derives some distinct advantages. IT and security teams become better business enablers and support the needs of staff and business users. They become a trusted advisor and facilitator that helps the organization go forward securely.

Shape Technologies Group Relies on Next-Gen DLP

Shape Technologies Group Relies on Code42 Next-Gen Data Loss Protection to Safeguard Data

As industry leaders seek to consolidate their positioning in the global marketplace, mergers and acquisition activity continues to surge. In 2018, companies announced more than 50,000 transactions worldwide for a total value of approximately $4 trillion.  However, only one out of five M&As achieves its potential value. 

One culprit for lackluster M&A results? Losing valuable IP—much of which lives on employee endpoints—from the sell-side company during the acquisition process. Much of an acquisition target’s value lies in its IP. In order to get the full value of an acquisition, buy-side organizations must identify, locate, secure and safely migrate the IP of the sell-side company. And it has to happen fast.

IT implications for growth

One company that’s garnering top value from the IP of its merger and acquisitions is SHAPE. You likely encounter the results of SHAPE’s waterjet cutting solutions every day. Its technologies are integral in many industries such as auto, aerospace, food, mobile and fabrication. Since 1974, the Kent, Washington-based company has delivered more than 13,000 waterjet systems to customers in more than 100 countries.

The global company employs 1,400 workers in more than 20 offices in North and South America, Asia and Europe. The organization’s goal is to double in size over the next four years to reach $1 billion. In addition to strong organic growth, one of SHAPE’s growth strategies is acquisitions — many of which are smaller companies and some are overseas.

With such aggressive growth targets come data security and IT challenges. 

SHAPE turned to Code42 for its Next-Gen Data Loss Protection (DLP) to help protect precious IP during M&As and against loss or theft during employee departures.

“ Some of the companies SHAPE acquires don’t have sophisticated security and IT programs, so SHAPE’s IT team must quickly get their data secured, integrated with their core technologies and aligned with IT standards. ”

Protecting sell-side company data

A large part of the value proposition when SHAPE buys a company is the IP that comes along with it. Unfortunately, that data is easily put at risk by employee actions and departures. That’s why it’s critical to protect the files and information on the sell-side company’s devices. The IT department at SHAPE understands the reality of this risk and proactively takes steps to protect the organization’s IP and secure the data. 

“Our initial goal is to get the data captured and backed up,” says Jeff Zuniga, director of IT operations. “Some people have taken it upon themselves to delete files thinking they’re helping by cleaning things up. Once we get the data protected, we are able to manage it and consume it as needed.”

Some of the companies SHAPE acquires don’t have sophisticated security and IT programs, so SHAPE’s IT team must quickly get their data secured, integrated with their core technologies and aligned with IT standards.

“We needed a quick way to be able to start collecting the data that resided on their machines,” says Zuniga. “A lot of them ran on a shoestring budget and workstation backups weren’t part of their vocabulary.”

Safeguarding data during consolidation

Organizational consolidation often accompanies acquisitions — and often includes employee departures. To monitor IP and determine whether there’s any suspicious file movement or deletion during this process, SHAPE is using Code42. 

“Being able to make sure we’re protecting our IP, that it’s not walking out the door, is important,” says Zuniga.

At a company that’s the innovator in its field, IP carries a premium—and without the right tools, it could be vulnerable to insider threats.

“We have a lot of IP like our drawings, sensitive information like cost of goods, where we purchase things, vendor lists,” says Zuniga. “We’ve been running reports and looking at users who have copied their local drives. We have to sort through and see if they’re personal files or does it contain IP.”

As it maintains its growth trajectory, SHAPE’s strategic approach to IT will continue to serve it well. And Code42 Next-Gen Data Loss Protection capabilities like data collection and monitoring, will help the industry leader safeguard its valuable IP—that of its acquisition targets and the homegrown ideas that have made it the industry leader for more than four decades.

Using-Delayed-Client-Updates-to-Test-the-Code42-App

Product Spotlight: Using Delayed Client Updates to Test the Code42 App

One of the benefits of selecting a Code42 cloud deployment is that that you don’t need to manage software upgrades. Code42 manages all infrastructure, and the Code42 app installed on endpoints is automatically updated when new versions are released. This process ensures your organization always has the latest security updates and newest functionality.

However, some customers have told us their change management process requires them to test new versions of the Code42 app with internal groups prior to distributing to the entire organization. Today we’re excited to announce new functionality that allows you to do just that.

With the new delayed client updates functionality, Code42 cloud deployment customers have up to thirty days to test new versions of the Code42 app before all endpoints are updated. In most cases, you will be notified one week prior to the release date so that you can prepare for the start of the testing period.

How to use delayed client updates

First, you must opt into this functionality by setting a global delay for all Code42 app updates. This delay can be set for up to thirty days. The selected global delay becomes the date on which all endpoints will receive a new version of the Code42 app after its release. Customers who do not set a global delay will continue to receive new versions of the Code42 app automatically on release date.

Once you’ve selected your global delay, you can specify organizations as “exceptions” to the delay date. These will become your test organizations. For example, if you’ve set your global delay to the thirty day maximum, you can arrange for the IT organization to receive the update on the general availability date, and for the marketing organization to receive the new app ten days after the release. This allows for sequenced testing with multiple test groups. If needed, you can also deploy to individual devices for targeted testing.

Once you’ve completed any desired testing, all Code42 apps will update automatically according to your global delay setting.

We hope this process allows you to follow your established change management process while still benefiting from the automatic updates that come with a cloud deployment. Happy testing!




Code42-Dont-Let-Your-Security-Be-Blinded-by-Cloud-Complexity

Don’t Let Your Security Be Blinded by Cloud Complexity

It’s incredible how complex today’s IT environments have become. Among the central promises of cloud computing were simplified management and security. However, almost paradoxically, it is the ease of cloud deployment and use that led to an explosion of adoption that has presented a significant challenge for security teams.

The challenge isn’t necessarily just the number of cloud services in use but how scattered an organization’s data becomes across these services. It doesn’t seem too long ago when nearly all enterprise data was stored on local drives or shared storage in a data center. No more. With the rise in popularity of cloud services, files are likely to be stored on user endpoints as well as across a number of cloud services, including Box, Google Drive, OneDrive or collaboration platforms like Slack and others.

“ Unfortunately, the rise in IT management complexity will continue to make for rising security challenges. ”

To add to the complexity, the research firm Gartner estimates that more than 80 percent of enterprise data is unstructured data, and most of that data is expected to be stored in cloud systems.

And, while this may be surprising — because it feels like cloud adoption has been ongoing for some time now — the reality is that the move to the cloud is still in its early stages. According to the market research firm Stratistics MRC, the global cloud storage market is expected to grow from its $19 billion market size in 2015 to more than $113 billion by 2022. That’s an annual growth rate of roughly 29 percent.

All of this compromises the ability of security teams to peer into the movement and location of the organization’s sensitive data. Security teams simply cannot monitor organizational data for changes or see where it travels. Security investigations become harrowing and require complex workflows with multiple tools to attempt to analyze potential security events — and forget about knowing for certain whether specific data files are backed up and recoverable.

These are questions security teams need to be able to answer — not only for security and regulatory compliance demands but to also ensure data availability for business.

Unfortunately, the rise in IT management complexity will continue to make for rising security challenges. And, let’s be honest, security technologies have not always made the jobs for security professionals easier.

Consider how difficult most security tools are to set up and manage. This is unfortunately the case when it comes to most prevailing security technologies: web application firewalls, intrusion detection and prevention systems, encryption and so on. The same is true for traditional enterprise DLP.

The more complex the environment, the more challenging security becomes, and the more seamless to the workflow enterprise security managers must be.

This is why we made Code42 Next-Gen DLP straightforward to connect to cloud services and easy to use. Rather than being blinded by complexity, security teams can see where files are moving to and quickly scrutinize if something needs to be investigated. It provides a comprehensive view of file activity across both endpoints and cloud services.

Code42 Next-Gen DLP is designed to simplify investigatory workflows, shorten incident response time and help to reduce security and compliance risks.

In order to effectively manage cloud complexity, security teams need to be able to simplify their workflows — and do so regardless of the cloud services employees choose to use. After all, our IT environments aren’t going to get any easier to manage any time soon. We are creating more files, which are being stored in more cloud services, than ever before — and security threats and regulatory demands aren’t going to go away either. Your best defense is to ensure you have the necessary visibility to manage and secure your user data no matter where that data is being used and stored.

Code42-Tips-From-the-Trenches-Red-Teams-and-Blue-Teams

Tips From the Trenches: Red Teams and Blue Teams

In my most recent post, I wrote about the important role proactive threat hunting plays in a mature security program. Equally important to a well-designed program and closely related to hunting for threats is having a robust red team testing plan. Having a creative and dynamic red team in place helps to “sharpen the knife” and ensure that your security tools are correctly configured to do what they are supposed to do — which is to detect malicious activity before it has advanced too far in your environment.

“ It is much more challenging to build and maintain defensible systems than infiltrate them. This is one of the reasons why red team exercises are so important. ”

Red teams and blue teams

A red team’s mandate can range from assessing the security of either an application, an IT infrastructure or even a physical environment. For this post, I am referring specifically to general infrastructure testing, where the goal is to gain access to sensitive data by (almost) any means necessary, evaluate how far an attacker can go, and determine whether your security tools can detect or protect against the malicious actions. The red team attackers will approach the environment as if they are an outside attacker.

While your red team assumes the role of the attacker, your blue team acts the defender. It’s the blue team that deploys and manages the enterprise’s defenses. While the red team performs their “attack” exercises, there are many things your blue team can learn about the effectiveness of your company’s defenses — where the shortfalls are and where the most important changes need to be made.

Defining success

Before conducting a red team test, it helps to decide on a few definitions:

1. Define your targets: Without specifying what the critical assets are in your environment — and therefore what actual data an actual attacker would try to steal — your testing efforts will not be as valuable as they could be. Time and resources are always limited, so make sure your red team attempts to gain access to the most valuable data in your organization. This will provide you the greatest insights and biggest benefits when it comes to increasing defensive capabilities.

2. Define the scope: Along with identifying the data targets, it is essential to define the scope of the test. Are production systems fair game or will testing only be done against non-production systems? Is the social engineering of employees allowed? Are real-world malware, rootkits or remote access trojans permitted? Clearly specifying the scope is always important so that there aren’t misunderstandings later on.

How tightly you scope the exercise includes tradeoffs. Looser restrictions make for a more realistic test. No attacker will play by rules. They will try to breach your data using any means necessary. However, opening up production systems to the red team exercise could interrupt key business processes. Every organization has a different risk tolerance for these tests. I believe that the more realistic the red team test is, the more valuable the findings will be for your company.

Once you define your scope, make sure the appropriate stakeholders are notified, but not everybody! Telegraphing the test ahead of time won’t lead to realistic results.

3. Define the rules of engagement: With the scope of the test and data targets well defined, both the red team and the blue team should have a clear understanding of the rules for the exercise. For example, if production systems are in scope, should the defenders treat alarms differently if they positively identify an activity as part of the test? What are the criteria for containment, isolation and remediation for red team actions? As with scope, the more realistic you can make the rules, the more accurate the test will be, but at the potential cost of increased business interruption.

Making final preparations

Don’t end the test too quickly. A real attacker who targets your organization may spend weeks or even months performing reconnaissance, testing your systems and gathering information about your environment before they strike. A one-day red team engagement won’t be able to replicate such a determined attacker. Giving the red team the time and resources to mount a realistic attack will make for more meaningful results.

It’s also important to precisely define what success means. Often a red team attacker will gain access to targeted resources. This should not be seen as a failure on the part of the blue team. Instead, success should be defined as the red team identifying gaps and areas where the organization can improve security defenses and response processes — ultimately removing unneeded access to systems that attackers could abuse. A test that ends too early because the attacker was “caught,” doesn’t provide much in the way of meaningful insights into your security posture. An excellent red team test is a test that is comprehensive.

It’s important to note that defenders have the harder job, as the countless daily news stories about breaches illustrate. It is much more challenging to build and maintain defensible systems than infiltrate them. This is one of the reasons why red team exercises are so important.

Completing the test

Once the test is complete, the red team should share the strategies they used to compromise systems, and gain access or evade detection with the blue team. Of course, the red team should be documenting all of this during the test. Armed with this information, the blue team can determine how to harden the environment and create a bigger challenge for the red team during the next exercise.

We have a fantastic red team here at Code42. The team has conducted multiple tests of our infrastructure, and we have always found the results to be incredibly valuable. Any organization, no matter the size, can gain much more than they risk by performing red team testing.

As always, happy threat hunting!

Best of the Code42 Blog November 2018

The Best of the Blog: December 2018

Catch up on the best stories from the Code42 blog that you might have missed in December. Here’s a roundup of the highlights.

Tips From the Trenches: Threat-Hunting Weapons: Defensive tools are essential for any cybersecurity team. But to take your security to the next level, it’s time to go on offense. Learn how proactive threat hunting can improve the effectiveness of any security program.

It’s Time to Rethink DLP: Three of the five most common data loss incidents involve insiders. Today’s idea-focused organizations need to keep their valuable IP safe, but the prevention-only focus of their legacy DLP solutions no longer matches their needs. Learn how Code42 Next-Gen DLP protects all data without hampering employee productivity.

Product Spotlight: Saved Searches: Most organizations have “crown jewels” —data that makes or breaks the business. Learn how to quickly — and repeatedly — find where these crucial files exist in your organization with the new saved searches feature of Code42 Next-Gen DLP

2018: The Year in Review at Code42: It has been an eventful year for Code42. Catch up on all the new ways Code42 can help you protect your data.

The-Year-in-Review-at-Code42

2018: The Year in Review at Code42

The end of the year is always a great time for reflection. The last 12 months have been especially eventful for Code42. This year, the Code42 product grew and evolved in significant ways. We made product enhancements and introduced more tools to gather actionable intelligence about data risk. Most importantly, we added capabilities that paved the way for our biggest product yet: Code42 Next-Gen Data Loss Protection. We couldn’t have brought this exciting new solution to life without the foundational features unveiled throughout 2018. Here’s a look back at the highlights.

Code42 Forensic File Search

In April, we launched Code42 Forensic File Search, which now forms the core investigation capabilities of Code42 Next-Gen Data Loss Protection. By collecting file metadata and events from endpoints and making them searchable via the cloud, Code42 Forensic File Search enables security teams to get comprehensive answers to challenging security questions in seconds versus days or weeks.

Code42 Forensic File Search expands into cloud services

Our September release included several more enhancements, both big and small. We extended the capabilities of Code42 Forensic File Search so security teams can search for files by SHA256 hash and across cloud services, including Microsoft OneDrive and Google Drive. These capabilities truly unified and broadened the investigation capabilities of Code42 Next-Gen Data Loss Protection, providing full visibility to where corporate files live and move.

With the ability to search file activity in the cloud, IT and security teams are now able to more quickly see what files are shared and with whom; how and when files are added to cloud services; and what files a departing employee accessed, shared, downloaded or transferred before resigning. To further strengthen this capability in 2019, we’ll continue to expand across other cloud services.

With our November release, we added even more improvements to Code42’s investigation and monitoring capabilities. File Exfiltration Detection support was introduced for Mac devices, which now detects files being sent to Slack, FileZilla, FTP and cURL. To make it even easier to keep track of the most critical files, we also rolled out the ability to save search queries.

Code42 customers embraced cloud architectures

Meanwhile, customers told us their cloud strategies were changing. Companies who had originally chosen on-premises and hybrid deployment models were ready to fully embrace the benefits of cloud. We set out to deliver a secure and seamless way for our customers to move to cloud without needing to re-deploy or lose their historical data. This fall, we were proud to deliver a migration path that enables customers to deploy in the cloud in a couple of hours, without any user downtime or data loss. We’ve already had many customers upgrade to the cloud in order to eliminate on-premises hardware and take advantage of all the newest Code42 functionality. If you are a Code42 customer interested in moving to a cloud deployment, contact your CSM today to learn more.

“ Code42 Next-Gen Data Loss Protection takes a fundamentally different approach to protecting corporate data. ”

Next-gen data loss protection

In October, we brought all of our core capabilities together into a single holistic solution and unveiled Code42 Next-Gen Data Loss Protection. We heard from our customers and the market that while traditional data loss prevention (DLP) solutions sound good in concept, they’re failing to live up to their potential in several key ways. Most companies are only using a fraction of the capabilities of their traditional DLP solutions. Security teams describe using traditional DLP as “painful.” Deployments of these tools can take months or years, because proper setup requires an extensive data classification process, and refining DLP policies to fit unique users is complex and iterative. To make the situation even more challenging, traditional DLP blocks employees from getting their work done with rigid data restrictions that interfere with productivity and collaboration.

Most importantly, traditional DLP solutions are narrowly focused on prevention — and business and security leaders now recognize that prevention alone does not work. Data loss will happen. Being able to protect a business from data loss and quickly recover from an incident is more important than the constant efforts needed to prevent an attack from happening — especially when, in the end, prevention fails.

Code42 Next-Gen Data Loss Protection takes a fundamentally different approach to protecting corporate data. Unlike traditional DLP, it does not require policies, which has multiple benefits. The solution deploys in days instead of months; it is not resource-intensive to manage; and it doesn’t burden administrators with false positives. Most importantly, it doesn’t drain user productivity with rigid restrictions on data use.

Code42 Next-Gen Data Loss Protection is cloud-native and preserves every version of every file on every endpoint, forever. It monitors file activity across all endpoints and an ever-expanding list of cloud services. As a result, it provides unified visibility to where files live and move as well as access to the contents of files involved in data security investigations. Code42 Next-Gen Data Loss Protection preserves current and historical endpoint files for rapid content retrieval and investigation, as well as to help meet regulatory requirements.

To achieve these benefits, Code42 Next-Gen DLP leverages five key capabilities:

  • Collection: Automatically collects and stores every version of every file across all endpoints, and indexes all file activity across endpoints and cloud. 
  • Monitoring: Helps identify file exfiltration, providing visibility into files being moved by users to external hard drives, or shared via cloud services, including Microsoft OneDrive and Google Drive.
  • Investigation: Helps quickly triage and prioritize data threats by searching file activity across all endpoints and cloud services in seconds, even when endpoints are offline; and rapidly retrieves actual files — one file, multiple files or all files on a device — to determine the sensitivity of data at risk.
  • Preservation: Allows configuration to retain files for any number of employees, for as long as the files are needed to satisfy data retention requirements related to compliance or litigation.
  • Recovery: Enables rapid retrieval of one file, multiple files or all files on a device even when the device is offline, or in the event files are deleted, corrupted or ransomed.

It’s been a big year for Code42, and with the launch of Code42 Next-Gen Data Loss Protection, next year will be even bigger. Thanks for taking this trip down memory lane with us and see you in 2019!

Code42-Tis-the-Season-the-Greedy-Go-Phishing

‘Tis the Season the Greedy Go Phishing

It’s the time of year where we (hopefully) spend a little more time away from work and more time with friends and family to relax and celebrate. It’s to be expected that many of us are a bit more relaxed during the holiday season. Perhaps off-guard. This is exactly where the bad guys want us. They’re counting on it. It’s why they are more active this time of year.

The holidays have always been a time for the greedy to strike. Years ago, their primary vectors of attack were telemarketing scams used to promote fake charities. Of course, criminals still do these types of scams, but they have also kept up with the technological trends of the times. Today you are just as likely — if not more — to be hit with a phishing email, instant message or scam on social media.

“ As staff use corporate devices for both work and shopping — and accessing data files as well as connecting to the network — there is an increased risk that clicking on the wrong file or link could expose your organization to malware, data theft, ransomware attacks and more. ”

But Rob, this is a corporate security blog — why are you writing about consumer security? Well, here’s the thing: the scam and phishing-related activity doesn’t just place consumers at risk. After all, your corporate employees are consumers — and think about how the separation between people as consumers and workers has been erased. The days of employees having personal devices and work devices are long gone. Many organizations are BYOD now, either by policy or the reality on the ground.

The reality is your employees are using work devices to click on emails, shop and research the holiday gifts they hope to share. As staff use these devices for both work and shopping — and accessing data files as well as connecting to the network — there is an increased risk that clicking on the wrong file or link could expose your organization to malware, data theft, ransomware attacks and more.

Here are just some of the techniques attackers use to trick employees:

  • Emails that look like they come from insiders of the organization or trusted partners
  • Bogus websites that promise deep discounts, but are really designed to siphon personal data and credit card numbers
  • Mass phishing scams that impersonate popular retail brands (that steal usernames and passwords that thieves will try to use elsewhere)
  • Spurious order or shipment update emails
  • Phony charities
  • Social media updates and tweets crafted to trick people to scam websites
  • Holiday ecards (isn’t anything sacred?)

The good news is because attackers are using the holidays as a moment of opportunity, you can do the same thing by taking constructive steps to build employee awareness about phishing and online scammers. To protect their safety and yours, now is a perfect time to help them to understand that they are being targeted during the holiday season.

Here are some things to remind employees to do to protect themselves and your organization:

  • Avoid public Wi-Fi and always be sure to connect to secure internet.
  • Always use best practices when it comes to password management.
  • Use unique passwords for each service and never reuse work passwords for home.
  • Use a separate email for online shopping.
  • Dedicate one credit card or prepaid card for online shopping, and don’t use debit cards (the rules for fraud protection are often different).
  • Be vigilant for phishing emails, social media posts and direct messages. Don’t ever click on unfamiliar links; when an offer seems too good to be true, it probably is.
  • Look closely at all email communications — watch for minor changes in email address name or domain, the validity of the domain the links refer to, typos in the text of the message and odd grammar.
  • Remind them to back up their devices and data; this is the best way to recover from such things as ransomware attacks.

Of course, much of the same advice holds all year around, but it’s worth being extra diligent this time of year. The less time spent cleaning up malware and recovering from attacks, the more time we all have to enjoy the season.

Code42 Learning for Life

At Code42, We Embrace Learning as Part of Life

As human beings, we are constantly learning. While we work, we’re constantly getting better at our job skills and becoming more knowledgeable in our field. But we also learn from our experiences at work — how we interact with one another and our environment. Learning on the job is inevitable. Employers that embrace that fact and support their employees’ learning journey can help them develop faster and with more confidence.

At Code42, learning is a core part of our culture. This fall, we embraced that by launching a two-month program called “Learning for Life.” Our mission was to highlight the programs, resources and brilliant minds at Code42 through internal education sessions, keynote speakers and opportunities to learn something new. We encouraged curiosity and expanded perspectives for the amazing lifelong learners we are fortunate to employ. We were quite happy to hear the reactions of those who participated in the program:

“ Our mission was to highlight the programs, resources and brilliant minds at Code42 through internal education sessions, keynote speakers and opportunities to learn something new. ”

“I enjoyed the variety of topics and that Code42 was intentionally planning content for this program,” said participant Eileen Potter. “This made me think about the ways I am continually learning. While I’ve always done that in my career, it’s really nice to have an employer actively supporting me with a learning culture.”

“I loved having the chance to hear from a variety of people throughout the company,” said attendee Beth Bornhoeft. “As someone who’s relatively new to the Code42, I felt like this was a chance to get a crash course in institutional knowledge. I found myself with a ton of takeaways that I can use in my job.”

As part of an incredibly dynamic tech industry, we at Code42 are committed to providing learning opportunities that are critical to our success and that of our employees. We know that, in order to remain competitive in the ever-changing market, we need to create an environment that is nimble, agile and flexible to keep pace. That means developing learning and training opportunities that support the personal and professional development of our people.

We believe that a learning mindset is a conscious choice on how to approach work and life. If we cultivate an environment that encourages trial and error as well as resilience and growth, we have a formula for success.

#BeCode42

Diversity is the Answer to the Cybersecurity Talent Shortage

Anyone in the cybersecurity profession understands that organizations are facing a severe shortage of skills in virtually every aspect of information security.

In October, (ISC)², an international nonprofit association of cybersecurity professionals, released its latest Cybersecurity Workforce Study, which found that the cybersecurity workforce gap has increased to more than 2.9 million globally. About two-thirds of those surveyed (63 percent) report that their organizations have a shortage of IT staff dedicated to cybersecurity, and 48 percent said their organizations plan to increase cybersecurity staffing over the next 12 months.

For anyone looking to fill open positions in security programs, those are discouraging numbers. And there are no clear signs that the situation will get better any time soon.

“ Those who embrace diversity now will have a distinct advantage over those who are slower to realize its benefits. ”

Greater diversity can help

The good news is there are things we can do to ease the talent shortage, including bringing more women into the cybersecurity field.

Perhaps one of the more positive findings in the (ISC)² report was that there is a younger workforce and greater representation of women in the study. Women now represent 24 percent of the cybersecurity workforce surveyed, compared with 11 percent from previous studies.

In the cybersecurity world today, we are facing some of the same threats that we faced a decade ago, albeit with new packaging. A variety of viewpoints informed by different backgrounds and experiences will allow the security industry to take new approaches to identify and solve today’s most challenging and persistent threats. These need to include not only more women, but also people of varying ethnicities, countries of origin, ages and other factors.

How to implement diversity

There are steps we can take to increase workforce diversity, and they start before an employee is even hired.

One peer I recently spoke with shared that her organization reviews all job postings for gender-biased language. For example, security practitioners love to use the word “ninja,” as it speaks to precision and accuracy. However, it’s also a word that conjures up images of conflict and danger that may be less appealing to female candidates. Reviewing your job posting for language that may unconsciously favor one gender in the first step to attracting diverse candidates.

Another key is to create programs within your organization that promote diversity and inclusion. This isn’t a particularly progressive stance to take today — it’s simply table stakes. People in the workforce today want to be able to bring their authentic selves to their jobs. If job seekers and employees of all backgrounds believe they won’t be welcome in your organization, they’ll look for work elsewhere.

Mentorship programs within companies are also powerful tools. Through these programs, women working in security professions can provide guidance and encouragement to others in the company or those in the community showing an interest in cybersecurity.

Another initiative is to work with youth organizations to create more awareness about opportunities for women in technology fields in general and in cybersecurity specifically.

For example, Code42 has been partnering with the Girl Scouts for two years on events focused on fostering an interest in technology.

Last year, we hosted “Think Like a Programmer,” an event at which girls worked to earn badges related to Science, Technology, Engineering and Math (STEM). This year, they had an opportunity to work on a new Cybersecurity badge. The purpose of the program is to help girls understand not only the basics of programming, but also that there is a spot for them in cybersecurity.

Events such as these offer an opportunity for girls to meet, talk with and learn from women in the field of technology at Code42; create forums for dialogue about the advantages of STEM; encourage women to pursue careers in high technology by celebrating accomplished female leaders and role models; and bring more awareness to women in technology.

Organizations can also look to recruit diverse candidates who are working in completely different areas to join security teams, if they have skills that apply. For example, someone with a strong background in technology or analytics might have the ability to learn about large, complex systems, and could understand the logic behind how those systems work and their vulnerabilities.

Security executives such as CISOs need to work closely with human resources to recruit a broad array of talent that could make the security team stronger. It’s only a matter of time before this field will be truly diverse, but those who embrace diversity now will have a distinct advantage over those who are slower to realize its benefits.