Alex Holland, senior malware analyst at HP, on data security
Can you tell me about your company?
Founded in 1939 by engineers Bill Hewlett & Dave Packard, HP Inc. today is a global technology company that believes one thoughtful idea has the power to change the world. Its product and service portfolio of personal systems, printers, and 3D printing solutions helps bring these ideas to life.
HP is a trusted voice in the ever-changing cybersecurity landscape. Our decades of security research and development means we can tackle current and emerging threats, while our cutting-edge technology and industry-leading experts guide the way to a more secure, resilient future. This is vital as the threat landscape is growing increasingly hostile, particularly for enterprises targeted by cybercriminals seeking to monetise stolen data and access to compromised systems. Endpoints such as laptops, printers and mobile phones, are the first line of defence for the data and resources we care about most.
HP also has a malware lab that investigates notable malware campaigns isolated by HP Wolf Security, so that security teams can better understand the threat landscape and defend their environments.
Finally, we have HP Wolf Security, our unified software portfolio for customers focused on delivering comprehensive endpoint protection and cyber-resiliency. Rooted in Zero Trust principles, HP Wolf Security combines hardware-enforced software and security features with industry-leading endpoint security services. This helps organisations to defend against both known and unknown threats – even zero-day vulnerabilities.
What is your role and responsibilities at the company?
As a Senior Malware Analyst, my team is responsible for drawing insights from emerging and ongoing cybercrime trends by analysing malware isolated by HP Wolf Security. Our goal is to equip security teams with knowledge and tools so that they can defend their organisations against the latest endpoint threats. Reaching out to the wider information security community by sharing malware investigations and indicators of compromise is an important part of our work. Cybersecurity is a team sport that requires collaboration across industries.
As digital transformation continues, do you think the threat of malware will keep growing too?
The mass shift to remote work over the last 18 months created unprecedented challenges for security teams organisations and as the working world now goes hybrid, new challenges will continue to evolve. Growing numbers of employees have been buying and connecting unsanctioned devices to work networks without notifying IT departments, and it’s becoming harder for IT Security teams to monitor user behaviour, potentially exposing organisations to threats. It remains far too easy for attackers to bypass enterprise defences and compromise devices by tricking users into clicking malicious email attachments and links.
Once an attacker has compromised one endpoint a common goal is to move laterally across the network to access valuable systems and data. In most organisations spotting intrusions relies on detection, which attackers spend significant time and resources evading.
What steps can businesses take to keep their data safe?
Attackers are continually innovating to find new techniques to evade detection. So, it’s vital that enterprises plan and adjust their defences based on the threat landscape and the business needs of their users.
Organisations should focus on reducing the attack surface and enabling quick recovery in the event of a compromise. This means following Zero Trust principles, applying strong identity management, limiting privileges and adopting isolation technologies from the hardware level. For example, micro-virtualisation isolates files and links from common attack vectors such as email and web browsers so that any potential malware or exploits lurking within are contained, rendering them harmless.
