ThreatLocker: Make Your Business A Hard Target For Cybercriminals

At XChange, Rob Allen, chief product officer at ThreatLocker, urged solution providers to rethink how they protect their own systems and their customers. Allen said attackers are choosing victims based on ease of entry rather than industry or size. “The brutal reality today is that cybercrime is industrialized,” Allen said. “They are not hacking you specifically.”

Allen detailed a recent MSP breach that began when a technician downloaded cracked software. “They inadvertently deployed Cobalt Strike in the MSP,” he said. Attackers then stole credentials, gained access to the MSP’s remote management tools and pushed ransomware to seven customers. Their data later appeared on a leak site.

Allen warned providers not to rely on partial coverage or reactive tools. “There is no point in protecting 80 percent of an environment because it is the 20 percent that isn’t protected that’s gonna get you,” he said. He added that detection alone creates a false sense of security. “Alerts are not protection.”

ThreatLocker promotes a control-first strategy that focuses on default deny, application allowlisting, ringfencing and strict network controls. Allen said limiting what can run within an environment greatly reduces the attack surface and blocks lateral movement, a key tactic in large scale breaches.

“You do not need to be unhackable,” Allen said. “You just need to be harder to hack than the next company.”

Learn how to strengthen your security posture at ThreatLocker.com.