Anticipating Cyber Attacks

Cyber attacks, data breaches, and vulnerabilities are a mainstream problem. Since IT networks have become so much more complex, offering numerous places for a hacker to hide it means that cyber criminals can be hidden in IT networks, for days, weeks or months.  Attackers are typically able to roam around a breached environment for more than a year before being detected. 

With attackers spending so much time freely and anonymously navigating the IT environment, security teams need to shift their focus inside the network and implement tools that help detect cyber-attacks as early as possible in the  lifecycle of  a breach..

Recent analysis suggests it often takes organisations an average of 8 to 9 months to identify and contain a data breach. This gives hackers time to analyse data, infiltrating systems and steal what they see as valuable information. Sometime data breaches cannot be detected for years. In the 2018 Marriott International data breach, hackers were accessing the network for over four years before they were discovered, which resulted in the records of 339 million guests being exposed. 

The international hotel chain then suffered a second data breach this year after cyber criminals had been in the network for over one month, impacting approximately 5.2 million guests.

One the most common form of cyber crime is straightforward financial  theft. Cyber criminals aiming to steal money can  d infiltrate ATM networks, enabling transaction skimming from online banking systems. Or they can  threatening to lock up a computer unless a ransom is paid. Cyber criminals may be a single individual, but more likely complex networks of people spread around the world with multiple roles. 

It is now more important than ever for organisations to be able to analyse contextual data in order to make informed decisions regarding their network security policy. 

This is not possible without 24/7/365 Managed Detection and Response (MDR) tools for proactive threat hunting that uses event monitoring logs, automated use case data, contextual analysis, incident alerting and response and applying Tactics, Techniques and Procedures (TTPs) to identify issues that improve an organisation’s security posture.

When anticipating the unknown, cyber security analytics tools can capture data and detect evasive and malicious activity, wherever they are in the network in real-time. 

Creating detailed policies and properly enforcing them is one step security teams can take to proactively detect and remediate malicious activity immediately. With policy enforcement, attackers will have a hard time attempting to make lateral ‘east-west’ movements or remaining hidden in any part of the network, as the security team will be able to see inside the network and protect against threats across all attack surfaces across all managed endpoints with a unified multi-layer approach. This includes policy generation and enforcement MDR tools that can provide greater insight into the overall reliability, impact and success of network systems, their workload and their behaviour to identify threats and proactively respond and protect assets.

In reality, this means that security teams can take measurable steps towards controlling system access of the network environment; knowing who is in the network, who should be able to access what data and which applications, and being the first to detect Indicators Of Compromise (IOC).

"Threat hunting is a way to stay one step ahead of cyber criminals. Organisations no longer have to wait to be alerted of data breach before taking action; today it is essential to have a complete picture of the entire network in real-time." said CEO of Certes Networks, Paul German.

This should include exttending these capabilities to teleworkers, so that unusual activity can be identified and halted immediately, before any damage occurs. With strong MDR tools at the core, organisations can ensure a strong and effective security posture based on anticipating the unknown, clear visibility into vulnerabilities that pose the biggest threat and identifying barriers that prevent successful tracking and remediation.

Recorded Future:    Certes Networks:       Professional Security:        CyberArk:   

You Might Also Read:

Managing Your Cyber Security, Detection & Response:

 

« Russia's Hackers Are Masters Of Cyber Warfare
Malware Versus Ransomware: What’s the Difference? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

TechInsurance

TechInsurance

TechInsurance is America's top technology insurance company offering a range of technology related products including Cyber Liability insurance.

Robert Half Technology

Robert Half Technology

Robert Half Technology offers a full spectrum of technology staffing solutions to meet contract and full-time IT recruitment needs.

Travelers

Travelers

Travelers is a leading writer of US commercial property casualty insurance and one of the world’s largest global insurers for cyber insurance.

Augusta HiTech

Augusta HiTech

Augusta Hitech is a focused product development, software services and technology consulting company. Our Vision is to become the most socially impactful and innovative technology company in the world

Veridium

Veridium

Veridium is a leader in single step - multi factor biometric authentication, designed to safeguard enterprises’ most critical assets.

Protected Media

Protected Media

Protected Media’s advanced cybersecurity ad fraud solution guards you against current and emerging threats across Connected TV, Display and Video advertising.

Cyber Lockout

Cyber Lockout

Comprehensive ransomware insurance and preventative cybersecurity technology solution, working together to help protect businesses 24/7/365.

SecureData

SecureData

SecureData provide professional data recovery services, digital forensics, data recovery software and FIPS 140-2 Level 3 Validated hardware encrypted drives.

IT-Seal

IT-Seal

IT-Seal GmbH specializes in sustainable security culture and awareness training.

tru.ID

tru.ID

We’re tru.ID, and we're reimagining mobile authentication, one API at a time.

SideChannel

SideChannel

At SideChannel, we match companies with an expert virtual CISO (vCISO), so your organization can assess cyber risk and ensure cybersecurity compliance.

Harbor Networks

Harbor Networks

Harbor Networks is a communications systems integrator and managed services provider. We provide business consultation services for voice and data communication technology.

Oxylabs

Oxylabs

Oxylabs is the largest datacenter proxy pool in the market, with over 2 million proxies. Designed for high-traffic, fast web data gathering while ensuring superior performance.

Eficens Systems

Eficens Systems

Eficens Systems is a global IT services and consulting company. We specialize in empowering businesses to harness the potential of Information Technology as a strategic asset.

Toro Solutions

Toro Solutions

Toro provide managed security & consultancy to keep governments, businesses & society resilient in the space where cyber, physical & people security converge.

Consortium

Consortium

Consortium goes beyond products and promises by working with enterprises to identify, acquire, and deploy cybersecurity solutions that matter.