Wise words from Rapid7 at RSA
- Robert Salier

- May 6
Updated: May 12

When Rapid7 speaks, people listen.
Founded in the year 2000, it is one of the world's most experienced and respected global cybersecurity companies. They just spoke at RSA in San Francisco, where I see several of my ex-colleagues and friends have travelled to attend this premier cybersecurity conference and trade show. I wish I could be there this year, but instead I’m tending to business while slightly nervously enjoying the new summer-like weather we are having here in Melbourne, a mere 6 weeks before our winter solstice.
This article from cyberdaily.au summarises what Rapid7 had to say: https://www.cyberdaily.au/security/12046-ransomware-is-still-a-thing-because-we-re-making-it-easy-for-the-hackers
Here are some salient quotes…
“A dozen years after attacks like CryptoLocker set the trend for modern ransomware, it remains a critical threat as attackers continue exploiting the same gaps repeatedly. Weak credentials, unpatched vulnerabilities, and poor incident response planning are all maintaining ransomware’s status as a reliable moneymaker.”
“What if an attack strikes and the main decision-maker is on vacation and they didn’t bring their cell to the beach? Who’s the replacement, what happens next? All these things need to be planned out and tested in detail.”
“Enterprises must get their fundamentals right to break the cycle of attacks.”
“To start winning this battle, organisations don’t need to take drastic measures … they need to get the basics right and take back control. No more giving the adversary easy wins.”
This is not new news for anyone reading my articles and posts at holisticyber.au, or having the misfortune to be cornered at a BBQ to have me bang on about the importance of not falling into the trap of thinking about cybersecurity as a technology issue best left to your IT people. Most cybersecurity incidents are traced back to human error, often when staff don’t understand the implications of their behaviours and actions.
Oh, and change your password! Or better still, go passwordless. Ask me how.


