December 1, 2020
By: Kim Morgan
In February of 2019, we sat down with Mishaal Khan to discuss Mindsight’s vision for providing cybersecurity and data privacy offerings to our clients. In case you’ve forgotten Mishaal has been breaking and – thankfully – rebuilding computers for as long as he can remember. As a Certified Ethical Hacker (CEH), CCIE R&S, Security Practitioner, and Certified Social Engineer Pentester, Khan offers insight into the often murky world of cybersecurity. Khan brings a multinational perspective to the business security posture, and he has consulted with SMBs, schools, government institutions, and global enterprises, seeking to spread awareness in security, privacy, and open source intelligence.
Much has changed since then, and a company’s cybersecurity posture has only become more important. So, we (virtually) met with Mishaal again and discussed the future of cybersecurity as a Mindsight offering.
KM: When we last spoke, you said that your primary role at Mindsight was to spread security awareness. Is this still true? How has your role expanded since then?
MK: Security starts with awareness on why we need it. This is what I tried to tackle initially through marketing efforts, events, pre-sales calls and blogs. It will always be an ongoing effort. Since then, I have expanded our capabilities to a full service cybersecurity practice, from boarder security risk assessments and implementing and fine tuning security controls and policies to managing them by taking advantage of a vCISO.
KM: What is the biggest misconception around security policies today?
MK: Simply having them does not make you secure. There should be an active effort to updating and maintaining them based on what works for you. Enforcing and testing them should be a priority.
KM: We know layering your security measures is best practice. Now that people are working remotely in record numbers, what is the most critical “layer” so to speak? Say you can only afford 3 of 5 layers, what would you recommend?
MK:MFA, email security and DNS filtering would be my pick as these take very little effort to implement and yet have the largest impact on your security posture, especially when most attacks are carried out remotely and utilize phishing emails and malware.
Technology Developments
KM: In your opinion, what is the greatest threat to companies with remote workers working from home? What should remote workers be using in their own home networks to ensure a secure connection?
MK: A secure firewall, strong Wi-Fi password and some form of DNS URL filtering will protect home users from a lot of the automated and wide spread attacks.
KM: Anything new and cool happening in the cybersecurity space? Any game changing technology?
MK: There is always a lot of promise from AI technologies aiding with detection and quick problem resolution. But deceptive marketing and product promotions usually swarm the news feed abusing all sorts of buzz words. I have yet to see anything change drastically. There are always new exploits and detection methods emerging. It’s a cat and mouse game.
The Mindsight Difference
KM: What is the difference between hiring an individual cybersecurity manager versus engaging in a partnership with Mindsight? What are the benefits to an MSP?
MK: With Mindsight you will get a trusted advisor and a one stop shop for your cybersecurity needs. Our customers utilize our breadth of talent in the different technology sectors and take advantage of our experience and partnerships within the industry. They certainly cut down on the time to make a decision and deploy a solution.
Check out Mishaal’s thoughts on why hiring a vCISO can be a game changing move!
KM: What keeps you excited at Mindsight? What are you interested in learning more about?
MK: The best part about this job is that I don’t consider this a job! Every day I get to listen to new challenges and get to solve new problems. It keeps me thinking and curious. I always keep a close tab on how mass data collection is making privacy the next big challenge.
KM: Even though we are all remote right now, where can people hear you or “see” you talk about cybersecurity?
MK: I post some activities on my LinkedIn page about webinars, articles or useful resources for the community.
About Mindsight
Mindsight is industry recognized for delivering secure IT solutions and thought leadership that address your infrastructure and communications needs. Our engineers are expert level only – and they’re known as the most respected and valued engineering team based in Chicago, serving emerging to enterprise organizations around the globe. That’s why clients trust Mindsight as an extension of their IT team.
Visit us at http://www.gomindsight.com.
About the Author
Kim Morgan is part of the Marketing Department at Mindsight. Since 2007, she has devoted her career to using digital media to educate and effectively communicate a variety of topics at all levels of expertise. Kim’s favorite part about Mindsight is how team members are encouraged to always be curious, and continue developing not only professionally, but also personally. When not working, she can be found toting her 4 kids around in her sweet sweet minivan while rocking out to hits from the late 90’s and early 2000’s.
