Demands and expertise of the security industry are driven by technological advancement on both sides of the attack/defence fence
Increased computer power, artificial intelligence, and tools on the Dark Web are equipping cyber attackers with the resources to launch more sophisticated and destructive attacks.
Reactive defenses are no longer enough to stop attackers from infiltrating even the best security architectures.
Environmental dynamics are also changing and disrupting resiliency with the rapid adoption of cloud infrastructure and the proliferation of IoT devices.
The concept of a perimeter as we have known it is disappearing, and the battle against cybercrime has moved inside the network. With this shift, organisations need to rethink their security strategies as well as the tools they have traditionally come to rely on.
The threat landscape shift over the last 20 years
Attacks are getting both more and less sophisticated. More sophisticated in the targeted phishing email attacks and less in the “spray and pray” attacks that bombard similar companies with similar forms of attacks. With these, instead of being strategic, they are being opportunistic and preying on the mistakes and simple misconfigurations that lead way to an easy attack. Earlier forms of attacks focused on credit card and PHI theft, these remain active but are also now accompanied by ransomware and crypto-mining attacks (mining and the theft of cryptocurrencies) in an effort for simpler and more instant gratification.
Changes to the threat landscape are changing the strategic considerations of boards and business leaders
With the increased risks of a cyber attack, cybersecurity needs to be on the mind of both boards and business leaders. This is not only to prevent disruption of service and loss of revenue, but also to maintain a competitive advantage. Business must constantly innovate in the services the offer and in how they are delivered. Falling behind will be at the expense of customer loyalty and sales. Plus, with the change in generational interests, not appealing to the millennial need for open and on demand access could also result in company obsolescence.
The role cybersecurity companies have to play in guiding organisations through this ever-changing, always evolving, threatscape
Cybersecurity companies must adapt their approaches to security and solutions to align with the new perimeter-less network. This will drive a shift in thinking and product design to address security in multi-cloud, IoT, and other inter-connected environments. Better solutions will also need to be provided that deliver more accurate detection, remove false positive alert fatigue, and provide adversary intelligence so that an organization can completely eradicate the threat and fortify their defenses. Cybersecurity companies also need to align with newer technology innovators so that systems can automate for information sharing and response action. An example of this would be taking a deception technology detection alert and feeding the adversary intelligence to a SIEM or Threat Orchestration Tool. Achieving a full detection fabric across all attack surfaces with coverage for all attack methods requires multiple technologies. Collaboration amongst the technology vendors plus helping organisations understand how to align their security stack will result in optimal protection and detection results.
Threats will continue to evolve and be challenging to keep in front of. Instead, I would suggest readying for the attacks based on the methods, which tend to be very consistent. By using technologies that provide early and accurate detection of these activities, an organisation can stop an attack early in the attack lifecycle and before they are likely to cause harm. Noting, new technologies, deception is playing a critical role in providing early detection for these attack methods across legacy and emerging attack surfaces.
Stealing local credentials
Looking for file shares and connected systems
Network recon – hosts (production assets) and open doors on the hosts (open ports)
Query AD – to find user and system accounts
Man-in-the-Middle attacks (MitM) – steal credentials in transit
The risk of a data breach or a cyber-attack on businesses is not a matter of “if” but rather a matter of “when” and I am sure I do not need to tell you why this is very concerning matter for users as well as businesses.
The whole aspect of cybersecurity is to safeguard a user/s data but it doesn’t mean that this is always the case because you see cyber fraud taking place from an individual level, then you see large corporations being exploited. Now you will never be able to eradicate cyber breaches, cyber attacks, cyber fraud, etc but you are able to place procedures that will make it hard for people to hack your digital software, and will hopefully prevent these people.
The first thing you should consider about cybersecurity is that it will be constantly evolving and changing due to the pace of technological advancements every day.
Our homes and the world around us is changing and becoming more digital – this is important to note because this increases the number of devices we have connected to the internet – and with that an increase in the probability or the likelihood of ones data becoming vulnerable to attack
Everything from digital thermostats, smartwatch, smartphone and other smart devices to your personal computers, ultimately anything connected to Wifi or network or server.
Entering the new year and new decade we are bound to be introduced to new technologies that will help us with everyday life however with this there will also be risks of cyber risks.
Now where does this leave you? Here at Tech Geek we are hosting a free workshop on cyber security, it will be an introduction into this and we provide a course on cyber security with a certificate taught by corporate professionals that have years of experience in the cyber security field. Further information will be on our website Cyber Security Training