When Matt Aldridge of Webroot, an OpenText Company, agreed to sit down with Aviva Zacks of Safety Detective, she was glad. She found out how his company is helping MSPs secure their customers.
Safety Detective: How did you get into cybersecurity?
Matt Aldridge: While I was at university, I worked at a cybersecurity software company. I started as a programmer of military defense software, but then I pivoted into systems and networks.
About six years ago, I started my time at Webroot, working with their OEM threat intelligence team. Now I specialize in threat intelligence and integrating that into partner systems.
SD: Tell me about your company’s products.
MA: Carbonite and Webroot, OpenText companies, harness the cloud and artificial intelligence to protect businesses and individuals against threats to cybersecurity and data loss. Combined, we provide endpoint protection, network protection, security awareness training solutions, and data backup and disaster recovery, purpose-built for managed service providers, and small businesses.
SD: What specific industries will be most likely to use your products?
MA: We deal with everything from consumers, to one or two-person companies, up to large enterprises employing tens of thousands of people. But our products are particularly well designed for managed service providers (MSPs) who cater to small-to-medium-sized businesses (SMBs). We give MSPs all the security tools they need, and we make sure they’re integrated into the other technologies that they use—remote monitoring and management (RMM) tools, professional services, and automation tools—then we integrate within our consoles and our APIs to make the process simple and seamless.
They can easily roll out our protection to their customers and manage it all in one place. From there, they know they’re not going to have to go on-site to fix infections because our protection has automatic remediation components. This is key to saving their already limited resources of time, budget, and manpower.
Together with Carbonite, we have a full suite of cyber resilience solutions. We have backups in the cloud, on-premise backups, and various other kinds of data migration solutions. All these things are coming together so that if a small or medium business gets infected, we still can give them the ability to recover using the Carbonite backup solutions that are now integrated into our portfolio.
SD: What do you think is the worst cyberthreat today?
MA: The worst one that comes to mind is ransomware. It has been a pervasive issue over the last few years and the main reason for that is that it’s a very profitable campaign for threat actors. We see ransomware being an arms race between the cybersecurity industry and cybercriminals, who are trying to penetrate the protections put in place.
Then there are always new, evolving phishing attacks. The social engineering that goes on to convince people to click to execute malicious code and infect their organizations is becoming very advanced and difficult to identify without proper training. That’s why Webroot developed a security awareness training solution as a complementary layer to our endpoint security and network security solutions. We ensure that all the employees of an organization have been properly trained and have regular assessments where they get sent simulated phishing attacks. This way, the management of these organizations can be sure that people are responding correctly to the training and that they’re fully prepared for real attacks when they hit the organization.
SD: Do you think that the COVID-19 pandemic is going to change cybersecurity for the future?
MA: It has caused a more rapid evolution to the realization that so much business is now done in the cloud. That the borders of old are so irrelevant and lots of companies have been clinging on to their on-premise security solutions, but now are trying to keep remote users safe. There are so many users working remotely that those old approaches don’t scale so well.
Everyone has these questions on their minds: How can we move our data securely into the cloud? How can we make sure it’s backed up? How can we make sure that our users are adequately trained and protected and that if they face any sort of security issue that we’re going to be able to remediate and deal with that situation?
Every user becoming a remote user has turned the model completely on its head. And you really must treat each user and each device that each user is using, as an independent entity because they’re so much more exposed to attacks than they were in the past. COVID-19 has proven there’s no better time to revisit your cyber resilience strategy and to ensure your partner network is strong and supportive.