In this episode of CHATTINN CYBER, Marc Schein interviews Nadav Aharon-Nov, VP of Cybersecurity at R-MOR, Israel. He is experienced in Organizational and Regulatory Compliance, Information Security Management, Auditing and Governance, among many other areas of cyber risk management. During the conversation, Nadav shares getting into cybersecurity, leading a cybersecurity firm in Israel, the differences and similarities of the threats observed in Israel and America, the importance of investing in internal systems for any company, and how to mitigate cyber risks by thinking from the point of view of the attacker.
Nadav explains that due to the constant cyber-attacks faced by Israel, the country has learned to be creative on the cybersecurity front. They’re always thinking outside the box to figure out ways to keep their civilian life safe. The majority of the threats faced by the companies in Israel is due to ransomware attacks. Cybersecurity firms like his’ continually level up their attempts to study the attacking group’s moves and intelligence and try to get them from the inside without them knowing.
He also talks about the importance of assessing a business’ infrastructure from the outside – from the viewpoint of the attackers or hackers. While internal assessments are fairly common, external assessments could give a firm a competitive edge. Another critical piece of information shared is about automation. Attacking groups tend to use more manpower and less automation to analyze issues and make decisions quickly.
The present times have highlighted the importance of cybersecurity more than ever. Working from home, with not more than a VPN connection as security, the security offered by office spaces is quashed. Nadav explains that his company offers two unique departments – web analytics and cybersecurity to create a strategic platform that collects information from all three layers of the web to understand the hacker’s perspective, security gaps in the existing technologies and products, and to assess a company’s internal infrastructure thoroughly. A company must invest in their internal systems more than anything else, especially in today’s times.
Tune in to the episode now!
“There’s a big blind spot when it comes to businesses, seeing their infrastructure from the outside in. So they’re usually looking from the inside out, doing internal assessments, (…) they’re forgetting about the other point of view. And that is the external point of view – how a criminal or a hacker or someone with malicious intent looks from the outside-in.”
“The problem is you have nothing to secure yourself at home other than a VPN connection. And most of the infrastructure at your house is either a simple modem, no firewalls, no true security on your endpoints, and everything is very exposed. So the comfort that you had in your infrastructure back at the office is literally smashed and you have nothing to get home.”
“(Every company) needs to invest in internal systems, because the criminal could be either from the outside (or) from the inside. Everyone could have criminal intentions when it comes to manipulating data, stealing data.”
[02:19] – The threats faced by Israel vs. America in cybersecurity
[03:23] – How Nadav got into cybersecurity
[05:24] – How COVID has caused a rise in the need for cybersecurity
[10:19] – Where should a company invest more to mitigate cyber risks (other than cybersecurity teams)?
Connect with Nadav