Expert Interview Series: Morten Kjaersgaard of Heimdal Security on Attacking Cyber Security Threats


Morten Kjaersgaard is an experienced leader in the security industry, currently guiding the Heimdal Security team and spearheading a new approach to information security, based on proactive protection.

We recently asked Morten for his insight on cyber security for people training to work in IT security. Here’s what he shared:

Can you tell us about the mission behind Heimdal Security? How do you hope to impact the world of cyber security?

The Heimdal Security team is driven by a challenging, yet rewarding mission: to make all our lives safer by teaching and practicing proactive security.

As we live and thrive in a world where technology is instrumental for most of the things we do, we aim to help people understand how to leverage security to their benefit and provide them with the tools to protect what they love the most.

We believe that helping people understand and apply key cyber security principles should not be done through fear, but through a constructive approach based on practical education.

Our vision is to build the best proactive security tools that home users and companies of all sizes can use to defend themselves against malicious actors and their activities. We hold ourselves to high standards and expect our clients and partners to do the same.

Our belief is that, by embracing cyber security and protecting what we hold dear, we can all contribute to making the web (and our entire world) a safer place for all.

How has the way Heimdal approaches cyber security evolved since your company was founded?

Our approach has stayed the same since we started. We focus intensely on proactive cyber security and have built both technical tools and informational tools to help companies and home users safeguard their assets.

What is key for us is to make security as simple and effective for any user as possible. We have learnt a great deal along the way and we use these insights to achieve this particular goal.

By constantly listening to everyone we interact with, we gather data that drives the advancement of both our products and our work in general.

How has the way cyber criminals target and attack organizations evolved? What do brands need to know about staying ahead of these threats?

In the past years, attack methods and the malicious software itself have evolved a great deal, especially as ransomware grew into the most widespread cyber threat in the world. Nowadays, malware is capable of digging deeper into a victim’s system and staying hidden for longer periods of time, which is why prevention becomes fundamental.

An example from the top of my mind is described in detail in one of the recent security alerts we published on our blog. In it, we describe how IT criminals compromise the widely-used TeamViewer application and turn it into a spy tool that enables them to harvest and exfiltrate confidential data from the infected computer.

But no matter how much malicious software evolves, most cyber threats still require human input to be triggered. This is the case of phishing attacks, malware distributed through spam emails or private messages on legitimate social networks, etc.

Each time a new platform grew in popularity, cybercriminals quickly found a way to leverage it for their nefarious objectives. From scams to ransomware-laden websites, from fake emails (i.e. CEO fraud) to advanced social engineering tactics (i.e. supply chain attacks) – they have always found a way to use psychological vulnerabilities against their targets.

Brands, no matter how big or small, need to invest in educating themselves and their employees about the basics of cyber security. This is basic cyber hygiene and it will greatly help them make the right decisions for their protection, both at work and beyond.

Next, brands should focus on preventing cyber attacks, as it is much cheaper and much more effective than mitigating the consequences of a compromise. Cybercrime victims would probably unanimously back this up. And there is a lot they can do in this action area!

What are the most common threats facing organizations today? What about the most dangerous threats?

Ransomware will continue to be the most menacing of all cyber threats in 2017, just as it was in 2016. This is because it combines malicious data encryption with psychological manipulation to extort victims for higher and higher sums of money. Nothing is off limits for the attackers, not even schools, churches or hospitals.

Financial malware continues to be an important threat as well, as it’s always been, with IT criminals planning and executing targeted attacks against financial institutions or valuable individuals. However, don’t think that people with less money in their accounts are not targets. Everyone is a target, as far as they’re concerned.

Another cyber threat to look out for is mobile malware, which is spreading like wildfire, as most smartphone users believe that their devices are 100 percent secure by default.

And last, but not least, malware targeted at IoT devices (i.e. Mirai malware) will become a growing problem. As more unprotected devices are recruited in botnets, we can expect that attacks similar to the one against Dyn will happen in the future as well.

What are the biggest challenges facing organizations today in protecting their data?

Complexity is one of the key challenges for any company when it comes to cyber security. That is why it’s imperative that organizations choose the right technology partners that can guide them and help them find the best solutions for their security needs.

Protecting a large number of online platforms, physical infrastructure and devices is a difficult task, but getting everyone who works internally on board to follow security policies is even more challenging. The technological and human components go hand in hand in any cyber security strategy and must be treated as equally important.

What are the most common mistakes or oversights you see brands making?

We’ve seen a few things in our experience that could be improved in companies so that they can increase their cyber security level.

For example, not treating patching as a key IT security activity is a big oversight that can have a sizeable negative impact on security levels.

Not prioritizing proactive security and relying exclusively on reactive security tools is another.

And I’d like to close this top three by bringing up employee education again. Helping them know when it’s OK to click on an email attachment and when it’s not can save any company a lot of trouble and just as much money.

This list could go on, but covering these three areas can greatly impact the strength of any company’s protection.

What are best practices for addressing security concerns? What are essential strategies organizations have to put in place in order to protect themselves?

The world of cybercrime moves fast and that compels companies to keep up, whether they’re ready or not.

Best practices include:

  • Constantly monitoring your environment and devices to see which are more vulnerable to cyber threats (and, naturally, remediating that in due time);
  • Analyzing insights provided by cyber security products and acting on the key insights they provide;
  • Having a robust patching policy and ensuring that all software used in the company is up to date at all times;
  • Having a clear and actionable cyber security policy and applying it;
  • Building cyber security awareness within the company and training employees to follow cyber hygiene rules;
  • Regularly backing up company data to avoid data loss in case of any type of cyber attack;
  • Using multiple security layers to minimize potential impact;
  • Having a response plan that can be readily applied in case of a data breach or other type of cyber attack;
  • Maintaining compliance with regulations and laws, which, in recent years, have become more specific in regulating cyber security matters.

These are just some of the few practices that companies should take into account. The bigger the organization, the more complex this list will become.

However, companies should not be intimidated by this checklist. Everything is attainable with the right human resources, the right tools and the right objectives in mind.

What trends or innovations in digital security are you following today? Why do they interest you?

I am currently interested in the way that perimeter security creators are looking to palliate the increased complexity in attacks surrounding ransomware and data-stealing malware. It is especially interesting to see how they work with and around current limitations to provide the flexible and proactive security solutions that companies require nowadays.

Ransomware is a fast-moving threat and others like it might emerge soon. As a consequence, perimeter security becomes an ever more challenging task for security specialists. I want to see how this affects the entire industry, and how it changes the current way of doing things. This is because we clearly need a better protection model, industry-wide, to counteract not only current threats but also to prepare us for future ones.


Rameez Khizer, IT Marketing