Cyber-attacks are now a top business threat for really any company that provides a critical piece of the supply chain.
With the extreme cyber talent shortage, international tensions, the rise in advanced adversaries, and budget fluctuations in cybersecurity, we wanted to know what organizations should be doing at this time to help them prepare and defend against this surge in cyber-attacks. We spoke with experts from around the industry to get their insights.
Yaniv Bar-Dayan, CEO and co-founder at Vulcan Cyber
“The shift to mass remote working required the mobilization of security teams to quickly adapt to an evolving threat landscape and the need for more proactive vulnerability remediation efforts. Reflecting on the experience, organizations must build task forces for the most critical vulnerabilities within enterprise infrastructures. Security and IT teams can’t do it alone. They need each other to get fix done. They need to invest in collaboration platforms that will bring teams together, rather than relying on a confusing array of Excel spreadsheets and communication channels. And finally, they need to establish KPIs that are as clear as possible, and uniform across all teams. You can’t fix what you can’t measure. The efficiency and strength of an organization’s collaboration and the clarity of communication will be the key to success in today’s remote reality.”
John Morgan, CEO at Confluera
“In the haste to support today’s new business model, many IT teams have shifted their focus to ensure employee remote devices and accesses are secure. Monitoring the core corporate networks and data became a lower priority. Attackers can take advantage of this lack of focus to gain unauthorized access to the network. Once they are in, attackers will methodically and slowly move from servers to servers and cloud to cloud avoiding actions that may alert typical detection solutions. Organizations cannot assume their network is safe just because there haven’t been any breaches. Under the covers, a breach may be imminent.
Whether an organization continues to support the virtual workforce, or is preparing to welcome back their employees to the office full-time, they must start monitoring their corporate network. Start with the assumption that attackers have made their way in and are lying dormant. The IT team’s focus is then to detect and intercept the attackers’ lateral movements before they result in a data breach.”
Sounil Yu, CISO at JupiterOne
“Traditional assets, such as physical hardware and virtual assets such as cloud instances, workloads, and applications, were left to deteriorate during the pandemic. While many of them have since been picked up, some remain untouched. In many cases, the enterprise has even forgotten they are there. The risk of both gaining entrance and access to physical systems as well as unmaintained cloud systems is real. This is a perfect example where the enterprise requires continuous visibility into their cyber assets using an automated system to avoid leaving these assets unattended.”
Douglas Murray, CEO at Valtix
“The threat landscape is an ever evolving and critical matter for both the public and private sector. This is challenging because it requires cooperation across multiple companies in the private sector, as well as various governments, to come together to solve. While incredibly complex, we have to get this right and it must be done in real-time as newer ransomware is detected anywhere around the globe. We need to protect our infrastructure, while upsetting the bad actors business model. This threat feed can be ingested by security services to allow government and enterprises to appropriately respond to these attacks. Urgency is critical.”
Bill Osterhout, Director, Cloud & IT Solutions at ARRAY
“As more and more requirements for remote access and remote monitoring of systems become necessary there is an increased demand to make security a priority. There must be increased security monitoring and testing to stay ahead of the curve. Using paper-based auditing processes and procedures is no longer adequate to assure that a systems security posture is being maintained. Frequent Penetration testing events and software-based security monitoring controls must be implemented to assure that vulnerabilities are not introduced once a secure baseline is validated. In today’s world of rapid IT innovation, the only thing that is constant is change. IT and security staff must embrace a continuous learning culture necessary to effectively control this rapidly evolving environment.”