The pandemic has cultivated a recent shift to remote work, making businesses more reliant on digital software, such as the cloud. However, any new technology requires advanced IT expertise for successful implementation.
Unfortunately, not all companies have the necessary know-how knowledge and leave vulnerability gaps in the critical business systems during the process. As a result, threat actors exploit those vulnerabilities for malicious purposes, such as holding a company’s data hostage for payment.
While professional security suites can help businesses to identify local threats, it’s vital to take effective measures to protect the resources stored on the cloud, as well.
Today, we talked with the CEO and Co-Founder of Horangi, Paul Hadjy, who explained how threat actors target both small and large businesses, and how security software can help prevent cyber attacks.
How did Horangi come about?
My passion for entrepreneurship started when I was in college. With Horangi, I decided to start a business in line with my professional career and education while utilizing the experience of running smaller businesses. The idea for Horangi came when I was transitioning from Palantir to Grab.
At Grab, I was running the security and IT teams. When looking for cloud security vendors, I had a hard time finding any of them based outside of the U.S. or Israel. I also found that existing solutions weren’t well-tailored to businesses without large security teams. Seeing that gap in Asia, my co-founder, Lee Sult, and I decided to start Horangi.
Today, Horangi operates in various countries in Asia, with our main markets being Singapore and Indonesia. Our customers are split across the full range of industries from fintech and banks to telcos and healthcare, with the likes of CardUp, Direct Asia, and Singlife.
Warden, our Gartner-recognized cloud security platform, helps organizations on the public cloud to detect, prioritize, and remediate security threats. It has integrations of major cloud platforms Amazon Web Services, Google Cloud, Microsoft Azure, Alibaba Cloud, and Huawei Cloud which makes Warden the only cloud security platform capable of providing compliance automation for both Asia-specific standards such as MAS TRM, BNM-RMiT, or OJK regulations.
Besides your Cloud Security Platform, you also offer services for offensive cybersecurity strategies. Can you tell us more about them?
Threat actors are constantly evolving their strategies and tactics in line with technological advancements. As cyber-attacks become more sophisticated, offensive cybersecurity services will be essential for organizations to improve their risk posture, enabling them to identify, prioritize, and remediate potential vulnerabilities in business-critical systems before they are exploited. These vulnerabilities may be present in the form of unpatched software, insecure code, or inadequate cybersecurity awareness, which can lead to employees being targets of phishing attacks.
Horangi provides our customers with CREST-accredited offensive services (OffSec), many of which are technical assessments that help organizations identify and fix vulnerabilities across their IT systems. Often, these assessments that range from Penetration Tests to Red Teaming Exercises are mandatory in regulated industries such as financial services.
Lately, there has been discussion centered around choosing between third-party and native cloud security solutions. What are your thoughts on this?
Native cloud security solutions are a good place to start, but can often be either too simple or too complicated for many organizations. Some native solutions are simple to configure for straightforward deployments and cover basic security needs but will lack depth, flexibility, or customization. On the other end of the spectrum, some native tools will be very powerful but quite raw and require significant resources and expertise before they can meet an organization's security needs.
Third-party cloud security solutions can help to augment the areas that native cloud security tools struggle to cover efficiently. These include visibility, enforcing IAM permission, and vulnerability remediation for multi-cloud deployments.
Unique industry needs have to be taken into consideration as well. Third-party cloud security solutions can also add value to businesses in complex and highly regulated industries such as finance, healthcare, services, and government, being able to scale flexibly according to business needs and developments.
With so many cloud security options on the market, choosing the right one for your organization can seem rather daunting. Which services are better suited for small businesses, and which types are recommended for big enterprises?
Threat actors are typically indiscriminate in their attacks, regardless of whether the target is a small business or large enterprise. Thus, the notion that small businesses should be less worried than enterprises when it comes to cyber-attacks should be dispelled.
That said, an organization’s regulatory requirements, the sensitivity of data being handled, and the type of cloud environment are key factors that could influence the suitability of cloud security solutions.
For small businesses that are just starting out, a large portion of risk can be reduced or mitigated by following cloud security best practices as prescribed by their cloud service provider or regulator. These could involve native security tools, ensuring every employee undergoes cybersecurity awareness training suited to cloud-based organizations, and complying with requirements as listed in popular frameworks such as ISO 27001 and SOC 2.
For organizations that have a more complex setup with more than 20 employees interfacing with cloud services — especially across multiple cloud service providers — we recommend more comprehensive solutions the likes of Cloud Security Posture Management (CSPM) and Cloud Infrastructure Entitlements Management (CIEM) tools such as Warden. Such advanced tools will be able to provide faster visibility of potential security risks and automated threat response mechanisms.
Regardless of the size and maturity of the organization, we generally recommend that organizations undergo a Cybersecurity Assessment or Gap Assessment to understand where they should focus their security budget and efforts in. This helps to align policies and investments from stakeholders across various teams.
What would you consider to be the most serious cybersecurity threats that emerged during the pandemic?
A growing volume of ransomware attacks has been registered globally in the wake of COVID-19, catalyzed by threat actors exploiting overall uncertainty and public demand for pandemic-related information. Likely due to the higher likelihood of payment in view of the essential nature of medical services at the present moment, many ransomware attacks have focused on healthcare organizations. This could put patients in physical danger if healthcare personnel are left unable to access life-saving information or systems.
Evidence also suggests the ongoing transition to remote work has significantly contributed to the likelihood of a successful ransomware attack. This is likely due to several factors, chief of which are low cyber hygiene and awareness levels that have not advanced in step with the rapid digital transformation. Situations such as employees accessing confidential files from compromised devices or getting successfully hit by phishing attacks increase the likelihood of organizations falling victim to ransomware.
Why do you think certain business owners are unaware of the cybersecurity risks hiding in their networks?
The pandemic has given rise to considerable economic uncertainties and continues to disrupt the ability of businesses to plan ahead due to evolving virus containment measures.
To maintain business continuity in compliance with social distancing restrictions and to unlock new revenue streams, organizations around the world have embarked on digital transformation efforts. This has been most apparent in Southeast Asia, where the growth of digital products and services and corresponding consumer appetites have accelerated the rise of the region’s internet economy, forecasted by Google, Bain, and Temasek to deliver a value of $360B by 2025.
However, in a rush to digitalize, we have observed many organizations adopting new technologies, such as the cloud, without adequately understanding the relevant security risks. As a result, these technologies are all too often implemented without requisite cybersecurity processes or solutions in place, exposing organizations to significant reputational and monetary repercussions.
Providing a real-world example, a recent study by EY saw more than half of their enterprise respondents sharing that their businesses had sidestepped cyber processes to facilitate requirements around remote working.
Compounding the challenge is an acute shortage of cybersecurity talent in local markets due to ongoing travel restrictions, which could limit the ability of IT decision-makers to react accordingly.
In your opinion, which industries should be most concerned with implementing cloud solutions and why?
Over the past two years, the cloud has become ubiquitous with any organizational environment, being vital not only to support remote working models but also to connect disparate workflows anytime, anywhere in the world. While virtually every industry can reap benefits when moving workloads from on-premises to the cloud, there are some sectors in which cyber attacks could create an outsized impact.
These include sectors that operate critical infrastructure vital to support essential functions such as electricity grids or water plants, and also transport networks. A successful attack on cloud infrastructure related to these operations could cause widespread damage not just on an organizational level, but impact a country’s ability to continue functioning. Any adoption of cloud – or any new technology at all – for such sectors should be preceded by a comprehensive cyber risk assessment exercise to identify vulnerabilities, followed by regular reviews in line with the latest technological developments.
It seems like remote work is not going anywhere, so which practices should businesses implement to protect their workload?
The ongoing shift towards working from home has accelerated a move to the cloud as organizations put in place the infrastructure to support remote work. This pivot renders traditional methods of ring-fencing corporate networks moot, with each decentralized worksite expanding an organization’s digital network and therefore elevating the size, scope, and complexity of cybersecurity.
Horangi's research has identified misconfigured cloud infrastructure, inadequate identity and access management processes, and insufficient ability to audit changes to their cloud network as foremost risks to cloud-first organizations today amid the shift to remote work.
But to some organizations, security can be perceived as a time-consuming problem that takes resources away from business growth. On the contrary, we believe that security can be a powerful sales enabler. Reputable businesses look to work with other reputable businesses, and a big factor influencing a business’ trustworthiness is security.
WIth remote work being here to stay, organizations should develop robust cybersecurity policies and enforce them across all employees. These include frequent patching of software, adopting Endpoint Detection and Response (EDR) and Multi-Factor Authentication (MFA) technology, and raising cyber hygiene standards as a whole.
For cloud users in specific, it pays for the organization to invest in relevant security tools depending on the business needs. These could come in the form of native security tools or leveraging third-party tools the likes of Cloud Security Posture Management (CSPM) or Cloud Workload Protection Platform (CWPP) applications.
Share with us, what’s next for Horangi?
At Horangi, we recognize that cybersecurity is a constant process of discovery and innovation, improving upon our existing product suite to meet evolving enterprise security requirements.
From a solutions perspective, our immediate focus will be to expand and deepen our security coverage in the cloud. This means not only the new areas of cloud workloads and containers but also leveraging machine learning to help our customers automatically prioritize the real security threats and eliminate false positives. We most recently secured the SOC 2 Type II certification, making Horangi one of the first cybersecurity companies in Asia to do so.
From a business standpoint, we see Southeast Asia as a key growth market due to its status as one of the world’s largest and fastest-growing digital economies and will work to increase our market share in the region. These are being driven through partnerships with major cloud service providers in the region, as well as a local collaboration with like-minded channel partners such as Synnex Metrodata Indonesia to enhance our go-to-market strategy.
Horangi is a leading cybersecurity company founded by ex Palantir Technologies engineers and is headquartered in Singapore. Horangi’s best-in-class Warden cloud security platform protects organizations in the public cloud, complemented by an elite team of cybersecurity experts providing CREST-accredited offensive and strategic cybersecurity services to customers across the world. For more information, visit https://www.horangi.com/.
P.S. This interview has been taken from Cybernew's website. You can find it here.