Beers with Engineers Wraps Up with Retrospective
Five years. Twelve cities. Four states. Seventy events. Those are the key numbers associated with US Signal’s successful Beers with Engineers (BWE). (We stopped counting the number of different breweries and beers involved.) But all good things come to an end. November 14 marked our last BWE event.
Now, we’re setting the stage for new ways to support our local IT communities. (Details to come on that!)
All of us at US Signal appreciate the opportunity we’ve had to use the BWE format to bring together IT professionals, industry experts, our technology partners, students, and others to discuss trending IT topics, new product solutions, and some of the most pressing issues those of us in the IT business face. We hope you have all found the discussions informative — and enjoyed the networking opportunities and, of course, the beverages.
Our final event was one of our best, as we used the opportunity to have our panel of experts reflect on some of the topics we've explored over the last few years. Keep reading for some of the highlights, or watch the full replay here.
Beers with Engineers - The Last Call
Final BWE Discussion Highlights
A diverse range of topics have been covered over the past five years at our BWE sessions. However, a few seem to have garnered more attention than others. Among them the IT threat landscape, particularly ransomware, and the use of cloud-based security to defend against and deal with the threats. But as the panelists at our last BWE session noted, things have evolved in terms of these topics over the last five years.
Early on, the typical approach to dealing with a catastrophic incident was focused primarily on disaster recovery. Today, it’s more about business resilience — staying in business after something happens. And quite often, the business-threatening incident involves ransomware.
The change in approach has been driven, in part, by the growing speed, number, and frequency of cyberattacks, particularly ransomware attacks, and the decrease in dwell time — when a malicious actor has access to a compromised system). IT teams are challenged to quickly identify and deal with attacks before they can do damage. That requires more advanced monitoring, detection, and incident response capabilities. (Need help with incident response? Download US Signal’s Incident Response Plan Template.)
As one of the panelists noted, “When we started BWE five years ago, we were talking about attackers being in your network for six months before an attack happened. I saw some stats last week that some ransomware may be in a network for as little as 24 hours before an attack begins.”
Cybercriminals are also now employing increased pressure tactics to force targeted companies to pay up after having their data hijacked. For example, threat actors not only contact their victims to coerce them into paying for the release of their data. They’re also more likely to contact the targeted company’s customers or family members of the company’s key employees to force payment.
Yet another factor that’s been changing the IT landscape is cyber insurance.
“Years ago, there wasn't even such a thing as cyber insurance,” one of the panelists said. “Now, with the prevalence of ransomware, it's not a matter of if you’re going to get attacked but when. So there’s not only greater demand for cyber insurance. The insurance companies themselves are really tightening their requirements. They're asking companies for very detailed and sophisticated plans for dealing with attacks.”
Privacy laws and compliance requirements are also impacting the IT industry. (See US Signal’s eBook: US Data Privacy Law Reference Guide.) Case in point: 13 individual states have implemented privacy laws that are impacting how businesses operate and changing the required skill sets of IT professionals.
“We're seeing places like New York adopting cybersecurity regulations at the state level that are directly impacting financial and other businesses,” one of the panelists explained. “That’s driving the need for IT teams to understand how to handle security and compliance specific to the particular industry on top of all of their other requirements. It's really stretching the required skill set of IT professionals.”
The panelists also discussed how the continued migration to the cloud necessitates that companies employ greater due diligence in selecting cloud service providers and ensuring their competency when it comes to cloud security and compliance requirements.
“Don't be afraid to put your vendors through the third-party risk ringer,” one of the panelists advised. “Ask what compliances they maintain. How do they maintain them?
“Organizations also need to understand the shared responsibility between their companies and the cloud providers. Who should be setting up the firewall? Who should be setting up the access controls? Do I have to worry about patching the hypervisor if I have to worry about managing the hypervisor?”
He also stated that companies need to understand how their cloud service providers can help them address their compliance requirements.
“Look at each of the required controls. Does the provider help you address those? Is it a matter of shared responsibility that requires you to take certain actions in conjunction with the cloud provider? Or does the responsibility for various controls or actions switch as you get higher up in the stack?”
Stay in Touch
This blog just barely scratches the surface of the great discussion that took place at the final BWE session. Make sure to catch the whole thing here to get all the insights and suggestions shared.
You’ll also want to stay in touch to learn how we’ll support our local IT communities going forward. Fill out the form here to receive the latest updates. Watch our events page for more learning and networking opportunities as well. And if you’re interested in past BWE sessions, they’re still available to you here.
Thanks again for joining us for BWE. Stay tuned for what’s next!