Cybersecurity attacks are on the rise across all spectrums of society, including institutions of higher education. Malware, ransomware, and spear-phishing attacks against universities and colleges have increased, especially since the move to remote learning has become a necessity.
Increased vigilance in the education community is needed to prevent institutions from being exploited. Network infrastructure, social media platforms, and email are common points of entry for hackers seeking to elicit ransom payments or data theft.
At the recent Fal.Con Public Sector virtual conference, Otavio Freire, co-founder of SafeGuard Cyber shared on what is needed to remain vigilant against these threats. He presented the cybersecurity wins from two major universities. He also outlined the cyber threats that exist and the high stakes in play within the education sector.
We sat down with Otavio following the event to learn more about SafeGuard and to discuss some of the topics of discussion and key points from his presentation at Fal.Con for Public Sector. Here is what he had to say:
GovCyberHub (GCH): Can you tell our readers a little bit about yourself?
Otavio Freire: I am a Brazilian-born, American entrepreneur and inventor. As the Co-Founder and CTO of SafeGuard Cyber, I am responsible for the development and continuous innovation of the SafeGuard platform, which enables global enterprise customers to extend cybersecurity to social media and digital channels.
I have more than two decades of experience in social media applications, internet commerce, and information technology serving the pharmaceutical, financial services, high-tech, and government verticals. I have a BS in Civil Engineering, an MS in Management Information Systems, and an MBA from the University of Virginia Darden School of Business, where I currently serve as a visiting executive lecturer.
GCG: What led you to start Safeguard Cyber?
Otavio Freire: Five years ago, Jim Zuffoletti and I created SafeGuard Cyber to address the gap between emerging threats in social media and digital communication channels and the defensive capabilities available to companies and governments who were beginning to rely on those channels.
We observed two independent trends that converged and created a massive opportunity. First, we saw business units, such as sales, marketing, and recruiting, were adopting new channels to reach customers and collaborate internally, migrating to digital and social platforms such as Facebook, WhatsApp, and Slack.
While watching this business transformation, we also observed how much the conflict between Russia and Ukraine were propelled by information operations executed across social media and other digital channels. It was easy to see that while nation-states would be the first attackers and victims, it would not be long before private enterprise companies would face similar threats.
Companies and governments that embrace social and digital communications as a path to growth and efficiency need to safeguard those activities as they would other critical infrastructure. With SafeGuard Cyber, CMOs, Sales Operations, and other business units can partner with CISOs to provide visibility and security for their tech stacks and channel investments. Teams are free to pursue growth strategies unimpeded by the silos holding back their peers.
GCH: When it comes to social media/digital channels, what specific risks are you helping to mitigate with Safeguard Cyber?
Otavio Freire: To solve social media and collaboration application risks, government and the education sector can implement cloud-scale defense with SafeGuard Cyber. Without SafeGuard Cyber, spear-phishing, ransomware, and cyber espionage attacks and cyberbullying across cloud application is often undetected until it is too late.
As an example, Microsoft Teams and Slack customers can gain the power to detect obscene language and hate speech. The SafeGuard Cyber platform can automatically flag signs of digital harassment and cyberbullying, as well as potential compliance violations.
Customizable policies mean the monitoring system could be adapted for regional slang, and the platform’s language-agnostic machine-learning analytics empower the schools to protect students communicating in other languages. Full conversation threads can now be retained, providing evidence in case of future audits.
IT teams can secure critical apps at the messaging level and protect from malicious content, malware, compliance threats, and other forms of digital risk.
GCH: What does vigilance look like in a 2020 social media-infused world?
Otavio Freire: In a world where educators and the workforce have changed and digital communication channels are imperative for progress and growth, burying your head in the sand is not a security strategy. Ideally, IT teams will understand the threat vectors while implementing a strategy that safeguards spear-phishing, ransomware, and cyber espionage attacks are occurring on cloud-based collaboration, chat, and social channels.
Not surprisingly, defeating these new attack vectors requires cloud-based defense, which can stop attacks at the app level to prevent them from moving laterally into enterprise networks or endpoints. This specifically includes network security, enhanced visibility, threat detection, and incident response.
GCH: What did you discuss during your session at the upcoming Fal.Con for Public Sector virtual event? What did attendees take away?
I discussed the future of education, specifically building the optimal student experience safely and doing so securely. I was joined in the session by higher education security experts from Arizona State and the University of Oklahoma, who highlighted their wins and talked about the challenges of their move to distance learning, as well as looked toward what’s next.
GCH: Why was this an important time to hold this event and why is it important to bring this community together – even virtually?
Email security is a $3B email industry. Criminals have shifted resources to carrying out these attack vectors on the collaboration, chat, and social channels, in addition to email, in large part because the entities lack visibility to the nature of these threats. They are relatively unprotected. The stakes are high.
The lack of visibility into these threat activities means there is no way to detect and respond in real-time, allowing spear-phishing, ransomware, and cyber espionage attacks to proceed unabated. According to U.S. Cyber Command, the FBI is currently receiving between 3,000 and 4,000 cybersecurity complaints daily This is a massive jump from their normal average of 1,000.
Universities across the country switched to distance learning in a matter of days, as the coronavirus pandemic began to sweep across the nation. Cyber Command tells us that cybercriminals and nation-state actors alike are capitalizing on this time of uncertainty, and government, education, and enterprise work-from-home workers are primary targets. Virtual is the new normal and we must continue to connect and learn, securely.
To watch Mr. Freire’s remarks at Fal.Con for Public Sector via on-demand, click HERE.
