In this episode of the SecurityANGLE, our conversation centers on the cybersecurity risks posed by enterprise collaboration tools and how to combat them. I’m joined by frequent cohost, fellow analyst, engineer, and member of theCUBE Collective community of independent analysts, Jo Peterson. Our guest today is Tyler Cohen Wood, the CEO and co-founder of Dark Cryptonite, an innovative cybersecurity company offering an “off the grid closed-loop network and AI-driven secure browser” or, what is perhaps more easily described as an alternative, containerized, connected platform.
Tyler has over two decades of expertise in cybersecurity, marked by significant roles, not the least of which is serving as the Deputy Chief of the Special Communications Office at the Defense Intelligence Agency under the DoD. She has also recently launched the “Health Exposed” podcast on the ITSP Magazine network, a platform where healthcare and the patient experience meet technology. With healthcare being squarely in the crosshairs of today’s cyber threat actors, this podcast is at the top of my weekly must-listen list.
Watch the full episode, “Combatting the Cybersecurity Risks Posed by Enterprise Collaboration Tools,” here:
Enterprise Collaboration Tools: Revolutionizing Work
Enterprise collaboration tools: we all use them, but do most of us really have any idea of the risks they pose to businesses? I’m thinking not. Collaboration tools have literally revolutionized the way we work, whether we’re in the office, working remotely or in a hybrid situation. We use these platforms for meetings, chat, whiteboarding, document sharing, information sharing, project management, video recording, and so much more. But with great convenience often comes great risk. These very same platforms that we rely on daily are often a gateway to sensitive company information and can be a tasty target for cybercriminals. And while many of the collaboration platforms we use daily have robust security built in at a foundational level, the human element and user behavior always present risk.
Another important element to consider is that in most organizations and situations, employees are bouncing in and out of apps and platforms throughout the day. It’s estimated that the average employee juggles eight different types of collaboration tools on a regular basis, depending on their jobs and roles. For example, today alone I have used Google Meet, Zoom, Webex, Microsoft Teams, Slack, Dropbox, Google Docs, and StreamYard. Think about it:
- Project management tools
- Shared calendars
- IM tools
- Cloud storage and file-sharing tools
- Video conferencing tools
- Whiteboard collaboration tools
- Enterprise collaboration social networks
- Messaging/Collaboration platforms
These tools and platforms are an integral part of our workdays today, but as I mentioned, the convenience they afford comes with security and compliance risks you might not be thinking about. That’s why we are excited about this conversation with Tyler Cohen Wood today.
The Potential Security Risks Organizations Face from Enterprise Collaboration Tools
I walked us through a bit of a backstory on the rise in the adoption of collaboration platforms, and it’s really quite amazing how quickly we’ve integrated these into our workflows. Once upon a time, email was our go-to channel, but that is changing. In fact, the integration of and use of collaboration platforms is, in some instances, supplanting email as a primary collaboration/comms channel. But let’s talk security as it relates to these collaboration platforms: How big of a security risk do organizations face with the various enterprise comms and collaboration tools?
A short list of the risks we explored includes:
- Data breaches (increased number of entry points/wider attack surface)
- Sharing of sensitive information (PII, PHI, PCI data, credentials)
- Phishing
- Insider threats
- Access management
- Insecure APIs
- Misconfigurations
- Improper lifecycle management (keeping documents for too long or disposing of docs that might be important later)
- Accidental information release
I’ll admit that I had not thought about some of these risks, for instance, improper lifecycle management, but once you start looking at the risks laid out like this, it’s definitely an attention getter.
Comparing Email Security and Collaboration Platform Security
While organizations have made great strides in email security, which is key, as phishing remains a primary (and incredibly successful) tactic utilized by threat actors, our conversation turned to an exploration of how secure email is in comparison to other collaboration channels.
Tyler opined that email is only as secure as the internal security measures taken and the knowledge and practices of the users relying on email. She further stated that while cybersecurity awareness training used to be somewhat sufficient, that is no longer the case. We need to look at cybersecurity awareness training as a first level of defense, but we also need more tools, frameworks, and technology that help enhance that security posture. You can have the most secure collaboration platform on the planet, and while it may be secure today, that doesn’t mean you’re done. Cybersecurity is a living, breathing thing, and it has to be regularly updated to keep up with new vulnerabilities as well as the ever-evolving attack methods and tech used by threat actors.
How Seriously Are Enterprises Taking the Security of Collaboration and Communication Channels?
Threat actors have become infinitely more sophisticated, and we are collectively more at risk than ever before. It takes only one vulnerability for a threat actor to breach a system, and while organizations must understand and manage the risks and vulnerabilities, they also have to maintain functionality and usability. Tyler shared an analogy likening this to a car: if you take the wheels, the engine, tires, or seats out of a car, you’re likely to protect it from being stolen, but you can’t use it either. Striking a balance between usability and security is a difficult task, but it’s crucial.
While we hear a lot about the importance of securing email today, we hear infinitely less about securing enterprise collaboration and communication platforms. Our conversation evolved to explore whether we see organizations taking the risks posed by these platforms seriously and buying into it as a risk category on a widespread basis, or whether it’s still considered by many as an emerging risk category.
Tyler shared that while she thinks most organizations realize the security risk, she feels they often don’t know what to do about it. The CISOs that she regularly interacts with share that there’s so much to keep up with that it presents a major challenge. They often suffer from tool fatigue and she shared there’s often a sense of desperation from these security pros.
What to Consider When Securing Enterprise Collaboration and Platforms
When it comes to things to consider when securing enterprise collaboration and comms platforms, as you might expect, the three of us wholly agreed on multi-factor authentication (MFA). It’s part of a layered approach, and while it might add a moment of irritation for users (we see you nodding out there), keeping those platforms safe by requiring MFA as part of the login process is recommended.
In addition, end-to-end encryption and strong admin controls are essential for securing enterprise collaboration platforms, as are data loss prevention tools, which help ensure that sensitive data is not lost, misused, or accessed by unauthorized users. Regular security audits and compliance checks, and even user behavior analytics to determine if something is suspicious, are also key. We are seeing widespread adoption of secure access service edge (SASE), which we’ve talked about quite a bit before, and that is a good thing: integrating a wide area network with comprehensive security services to protect users and apps wherever they are is important, as is the automation of threat detection and response. A zero-trust architecture is something that we collectively regard as highly important. Finally, keep comprehensive backups and appropriate storage solutions so that if something goes wrong, you can access them right away.
The Secret Sauce that is Dark Cryptonite
While I’ve known Tyler for a long time, as is the case with many, I knew broadly what her expertise and focus areas were, but I really had no idea of how cool Dark Cryptonite, the company she founded, is. In fact, we’re going to do a whole episode on Dark Cryptonite, it’s that cool. But I’ll leave you with this: Dark Cryptonite is an off-the-grid, closed-loop network that is combined with an AI-driven secure browser. Dark Cryptonite users are not using the traditional internet, they’re using an alternate internet, and not actually connecting to domains or IP addresses, but instead connecting to hashes.
Tyler describes it like this:
I like to think of the internet as highways and streets. Lots of cars can go on those highways and streets, and they have identifying features and can do whatever they want. Compare that to NASCAR, which is a closed-loop track and a closed-loop network. The cars from that closed-loop network are not getting out to the streets and the highways. Dark Cryptonite is essentially a similar closed loop that users are using hashes to connect to, which can be changed and reproduced on the fly. Users can save and store files at hashes, they can do email, and run any enterprise collaboration or comms technologies through this network, which is very obfuscated and off the grid. Because you are not using domains or TCP/IP in a traditional manner, if you have a phishing attack/ransomware attack that is trying to escalate its privileges — think of this a bit like a train, on the internet, which is a train track, and that attack knows how to navigate the train track to escalate its privileges. However, when this train hits Dark Cryptonite, it’s such a different methodology that it doesn’t know what to do. It can’t escalate, and it stops. It can’t do anything or go any further because it doesn’t have those train tracks.
See, now you want to learn more about Dark Cryptonite too, don’t you? Well, we will definitely make that episode happen – and soon.
And that’s a wrap for this episode. Thanks to Tyler Cohen Wood for sharing her brilliant mind with us, to Jo Peterson for joining us, and to our readers, viewers, and listeners. We’ll be back next time with another exciting and informative SecurityANGLE broadcast.