Level 2 Helpdesk Technical Support

"You are competing not to be chosen by cybercriminals" Audience at Security Leaders Summit advised by Threatlocker on how to make themselves a tougher target. Seamus Lennon, VP Operations, Threatlocker Organisations can make themselves tougher targets for cybercriminals by adopting proactive, default-deny security framework, says Threatlocker VP Seamus Lennon, VP Operations at Threatlocker opened his presentation to the Computing Security Leaders Summit with a stark message: "You are competing to NOT be chosen." As cybersecurity strategy has shifted away from prevention, the audience of security leaders were reminded that the most effective defences are not limited to stopping attackers at the perimeter but limiting what they can do once inside. In short: make your business a hard target. The reality of modern cybercrime. Cybercrime has evolved into a highly industrialised, revenue-driven ecosystem. Attackers are not hacking their way into sophisticated targets; they are picking off the easiest ones. Speed and return on investment drive their decisions. One of the most overlooked realities is that attackers often dwell within environments before acting. In some high-profile cases, adversaries remained undetected for weeks, observing systems and planning their attack. "When they investigated afterwards, it turned out that the hacking group had gained access eight weeks before they initialised the ransomware attack. They sat in there for eight weeks just monitoring before they carried out the attack." It is in the dwell phase of attacks that "living off the land" techniques are utilised. These weaponise legitimate tools like PowerShell or built-in Windows utilities. Because these actions mimic normal behaviour, they blend in and evade traditional detection systems and can be missed by cybersecurity teams suffering from alert fatigue. How do attackers choose targets? According to Lennon, cybercriminals typically evaluate marks based on factors such as: * Internet exposure - Are systems easily accessible? * Credential availability - Are compromised credentials circulating? * Default configurations - Are systems poorly hardened? * Endpoint controls - Is there visibility and control over devices? Soft targets tend to allow unrestricted software execution, grant widespread administrative privileges, and rely heavily on tools such as EDR or MDR which Lennon categorised as reactive. These solutions detect and respond, but only after compromise. "Here is the hard truth," said Lennon, "If it can run, it can be abused." Zero Trust flips the model. A Zero Trust or default-deny architecture flips this model on its head and makes a much harder target for cybercriminals. "A hard target," said Lennon, "is one where actions are only explicitly allowed." Not breach-proof as such but b breach-resilient. Key characteristics include: * Default deny execution: Only explicitly approved applications can run. * Least privilege access: Users and applications receive only the access they need, and only temporarily. * Application and behaviour control: Software is restricted in what it can do, where it can connect, and what data it can access. * Data protection: Controls prevent unauthorised exfiltration and misuse. * Network segmentation: Limits lateral movement across systems. This approach shifts security from detection to control. If malicious code cannot execute, attacks cannot progress. Less noise, more action. Many organisations are overwhelmed by alerts yet lack meaningful protection. Detection without control leads to delayed response and increased risk. Zero Trust flips this model by reducing the number of executable actions in the environment. This means fewer scripts, fewer privileges and fewer opportunities for attackers. You don't need to outrun the bear. Lennon concluded that cybersecurity is no longer just a technical concern. Downtime, operational disruption, and reputational damage all carry significant business impact. Prevention, via strong control frameworks, consistently proves more cost-effective than recovery. For security and IT leaders, the strategic imperative is clear: In today's threat landscape, the organisations that survive are not the ones that never get attacked - they are the ones attackers choose to avoid. You don't have to outrun the bear, just be faster than any other people in the vicinity.

ThreatLocker: insights from CEO Danny Jenkins and the guardians at Zero Trust World. Table of Contents ThreatLocker's Zero Trust World event draws diverse crowd in Orlando. This week, Orlando, Florida, is hosting ThreatLocker's Zero Trust World event, attracting hundreds of attendees with varied motivations. For some, this gathering serves as an invaluable opportunity to connect with industry peers, whether at the lively bar of a local restaurant or amidst the bustling show floor. Others, particularly the numerous Managed Service Providers (MSPs), are keen to discern ThreatLocker's latest developments, while preparing to relay this knowledge to their clientele. Additionally, some attendees may find an excuse to luxuriate at a resort replete with expansive pools and a verdant golf course - a delightful endeavor comfortably charged to the corporate account. For many, a blend of all these elements is at play. Yet, for Danny Jenkins, ThreatLocker's CEO and Co-founder, the imperative remains crystal clear: safeguarding businesses and their data from an ever-evolving landscape of criminal threats. A legacy in cybersecurity. Since 1997, Jenkins has navigated the intricate world of cybersecurity, and in 2017, he established ThreatLocker alongside Sami Jenkins. During the opening keynote, he recounted an anecdote that, although familiar, resonates with urgency. Many years prior, he was summoned to assist an Australian firm in its recovery efforts following a devastating ransomware attack. This incident underscored the critical stakes ThreatLocker aims to defend. "Out of every other piece of malware I've confronted... I've never encountered one that could evoke tears from a 60-year-old man," Jenkins shared. "This man's business was faltering because someone opened a rogue email." Jenkins' relentless drive. Jenkins is undoubtedly a man of ambition. When first encountered on the show floor, he was seen swiftly moving between clusters of clients. About twenty minutes later, I found myself engaging with him in a room populated by his development and threat intelligence teams, diligently monitoring the company's endeavors amid the throbbing pulse of the convention. This particular conversation veered toward the tumult occurring in the Middle East. Jenkins articulated how activities leading up to, during, and following last year's twelve-day conflict with Iran might illuminate the ongoing turmoil in the region. "There's a brief exchange of missiles, and shortly afterward - within weeks to months - there's a noticeable uptick in state-sponsored attacks aimed at US companies," Jenkins remarked. He highlighted the fortified nature of government agencies, which, while not impervious, present formidable obstacles for hackers. However, these cybercriminals often direct their assaults toward critical infrastructure. "This includes not only power grids," Jenkins explained, "but essential services like hospitals. Municipalities present significant, vulnerable targets; their accessibility often leads to chaos and disruption." While the specter of both nation-state and hacktivist threats remains prominent in Jenkins' mind, his focus on ThreatLocker's mission - to shield organizations from ransomware and data breaches - remains paramount. "Our goal... recognizing that we cannot identify every instance of malicious activity is to transform security without aggravating the user experience or organizational workflow," Jenkins noted. The objective is to simplify the implementation of a zero-trust framework, rendering it user-friendly while erecting robust defenses against potential intrusions. "We aspire to empower users to remain untouchable by hackers... without hindering their operational efficiency." A focus on education at Zero Trust World. Zero Trust World emphasizes both education and product dissemination, fostering engagement among sponsors and attendees alike. The event features a sprawling main stage showcasing everything from discussions with Apollo program icon Gene Kranz, whose unforgettable proclamation during the Apollo 13 incident - "Failure is not an option" - serves as the event's ethos, to keynotes from cybersecurity experts and a concluding talk by Adam Savage of Mythbusters renowned fame. Two hacking labs provided hands-on experience with security practices, while multiple breakout sessions offered intimate educational forums, reflecting the event's commitment to practical application. Jenkins' dual role as both coder and entrepreneur manifests itself when he and ThreatLocker's Chief Product Officer delineated the incorporation of device-based cloud and network access controls into their Zero Trust platform; they regaled attendees with tales of the extensive efforts invested in this new offering. In the lead-up to the launch, Jenkins had personally re-evaluated the codebase no less than a dozen times, humorously facing accusations - likely in jest - that he was the sole detractor of the project. His adherence to the belief that "failure is not an option" sets the tone for his team's work ethic, often manifesting in grueling twenty-hour days. When posed with the daunting challenge of mitigating escalating ransomware threats and the widening attack surface, Jenkins responded with characteristic optimism. "First and foremost, if you're not preoccupied with the notion of falling behind in any industry, entrepreneurship may not be the right path for you," he declared. From a security standpoint, I possess no concerns, as I recognize that its methodology obviates the need for continuous innovation. However, remaining abreast of industry trends is essential; stagnation equates to obsolescence. History has shown that even giants like Symantec, once dominant in endpoint security, can vanish. "In this sector, an unwavering expectation for relentless innovation exists. I perpetually grapple with the fear that I am not meeting expectations or delivering adequately. Without setting high standards, reaching customer satisfaction remains elusive."