Providing industry leading IT security services has always been a core aspect of Nucleus’ mission and we are continually evolving our IT security offering to ensure we remain at the forefront. As part of this ongoing evolution, at the beginning of 2022 we launched our dedicated Cybersecurity Division and appointed long time team member, Wayne Chow, to lead this team as the Director of Cybersecurity & Project Services!
We sat down with Wayne to ask him some questions about IT security and how our clients and prospective clients can work on the health of their cybersecurity posture. The new year is a great time to evaluate where you are with your cybersecurity efforts and to determine if you have the right roadmap in place.
Wayne, what would you say is the largest resistance small and medium-sized business leaders have in regards to their cybersecurity investment?
Well, cybersecurity CAN be costly to your business so there is a bit of resistance there. That said, I am a true believer that the cost of not investing in protecting your company far outweighs any kind of cost that would be associated with putting in preventative measures to keep your information, and your client’s information, secure. Loss of intellectual property and client data could result in millions of dollars and downtime for the organization.
We sometimes hear from our clients, “Oh we don’t need that level of security – we’re too small for anyone to care to hack in to our systems.” Well that’s simply not true. The effort that it takes to attack larger enterprises these days is a slow game for hackers. Attackers may have to spend months or years trying to figure out systems before they succeed at an attack. Now with sophisticated software and brute determination, hackers target small and medium-sized businesses (SMBs) with bots. Smaller enterprises don’t have that same level of due care as the larger corporations have. So, while it may be a smaller payout, it’s low hanging fruit and an easy win for an attacker who can preform these wins multiple times over easily. Small business leaders need to consider what would happen if someone attacked their business, what would be the cost and what would be the impact to their reputation if that happened.
What is a vulnerability?
A vulnerability is any vulnerable point of contact that an attacker could penetrate to obtain private information for fraudulent use, take control of your accounts, or conduct any other criminal activity related to your technical space.
What is Multifactor Authentication (MFA) and why is it important for a company to make sure they are using it in every aspect of their organization?
Today just having a password isn’t enough to protect your accounts and infrastructure. With the advancement of computers and processing, millions of passwords can be brute forced to log into your account within a very short time. Passwords these days can also be found in leaked databases on the dark web and as such a new method of authentication is required to ensure you are identified as the correct person logging in. MFA is currently considered the minimum security stance now when trying to protect your credentials from being used by someone else. When MFA is used correctly, only you have the secondary authentication method to prove you are the correct person using the credentials entered. By adapting and onboarding this authentication method, it doesn’t matter if someone tries to enter your leaked credentials as they will not be able to get in. MFA also provides you with alerts that you may have had your credentials compromised at some point and then provides you the opportunity to change them.
What if a small to medium sized business has their own internal IT department, but just doesn’t have the capacity to bring their cybersecurity to an optimal place? Can Nucleus help and how so?
Nucleus can help augment and work with your current IT staff to provide a better security stance. We all know that day-to-day IT can be overwhelming. Nucleus can engage in a vCISO (Virtual Chief Information Security Officer) capacity to ensure the right IT security program is in place and that there’s a defined IT security roadmap. We have a lot of experience in co-managed scenarios, working along internal IT teams, augmenting, and extending their capacity.
Do you need cybersecurity to obtain business insurance? How can Nucleus help with this step?
Yes, in this new remote-first workforce climate, there are certain requirements that must be in place before an insurance company will sell you cybersecurity insurance. Nucleus can help you navigate through these requirements to obtain the insurance you need to safeguard your business. We’ve worked with our clients in these specific instances to deliver security initiatives to satisfy the requirements of insurance companies.
What are we doing at Nucleus to ensure we are keeping our clients secure today?
Clients who have adopted Nucleus’ Managed Security Services are covered by our multi-layered approach with an array of software, products, and services.
There is no silver bullet solution to protect your business, gone are the days that just a firewall is enough. It takes multiple layers of security to protect your business, these include but are not limited to:
These solutions are tied directly into our ticketing system which provides security-based alerting, monitoring, management, and monthly reporting across all Nucleus clients.
Explain social engineering and how it affects the IT world?
Not all attacks are digital and in some cases attacks revert back to the basics of human interactions, to gather info for malicious cybersecurity attacks. Social engineering uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
“Cybersecurity is no longer a ‘nice to have’ – it’s a must.” –Wayne Chow, Director of Cybersecurity & Project Services, Nucleus Networks
Who is Wayne Chow?
Here’s where we get to know Wayne a little more! Not only is he Nucleus’ Director of Cybersecurity & Project Services, but when he’s not working he’s enjoying time in his cycle community going the distance:
Wayne, what get’s you jazzed about 1. technology & 2. the world of cybersecurity?
Cybersecurity and Infosec are the forefront of IT and are now a main staple of any organization building out a new or existing infrastructure. I’m super excited to jump onto progressive technologies as I feel this is where new ground is being made in IT.
I look forward to developing and honing my skills in cybersecurity. I excel and learn when I am challenged.
Where did your interest in the world of IT begin? How did you begin your career?
Video games and the curiosity to figure out how everything worked. I was always taking apart all my toys to figure out what made them move and tick and this curiosity lead me to the world of IT and I’ve never looked back since.
My interest in programming and computers lead to my education in this field and eventually helped me find my first role in IT as a tier 3 support analyst within one of the BC provincial government branches.
When you’re not at Nucleus what are you doing? What is your favourite sport?
When I have spare time, I try to get out and do some road cycling with friends and riding clubs.
What kind of road bike do you have and what gadget excites you the most about road cycling?
I have a carbon fiber road bike and the cool gadget or technology on this bike is wireless electronic shifting.
Most KM’s clocked in a single ride?
350 km
Favourite bike route in B.C?
A round trip ride to Whytecliff Park with a loop around UBC.
Traveller or Homebody?
Traveller
If you could pack up and travel somewhere tomorrow where would you go?
Peru or New Zealand
Have you done any bike trips around the world? If so where?
Not yet but I would like to cycle the Paris to Amsterdam route.
Chosen superpower?
Ability to stop or freeze time.
Want more information about our Managed Security Solutions? Visit: https://yournucleus.ca/services/cybersecurity-services/