CDM-CYBER-DEFENSE-eMAGAZINE-March-2019

More documents

Recommendations

Info

Rip Off the Band-Aid This leaves us with thousands of vendors selling security solutions and companies spending record amounts on cybersecurity initiatives yet still grappling with identification and remediation of threats and attacks. This would be easier to wave off if attacks were slowing down, but they are not. This year, 46% of U.S. organizations have already experienced a data breach, which is nearly double (24%) what it was in 2017. Attacks continue to accelerate at an unprecedented rate. In fact, Cybersecurity Ventures predicts that by the end of <strong>2019</strong>, a ransomware attack will occur every 14 seconds, which is staggering when you consider that in 2016, the average was every two minutes (still pretty bad). I could throw scary stats out all day long to demonstrate the gravity of the situation, but one fact is clear: What we are currently doing is not working—despite all of the money and technology being thrown at cyberattack problems. Instead of slapping on a Band-Aid, we need to change the entire way we think about cybersecurity. The fact of the matter is that threats are changing so fast in form and function that companies can’t keep up today. Not only are the nature of attacks persistently evolving faster than enterprises can adjust, but the sheer volume of attacks leaves companies panicked and underprepared. Developing Your Cyber Defense Force The ever-changing security threat landscape has become the number one concern for endpoint security buyers according to Gartner. In this year’s Third Annual Study on the Cyber Resilient Organization, 77% of IT professionals reported that their companies do not have a formal cybersecurity response plan. This must change. Organizations have to accept that attacks will happen, that despite all of their great defenses, issues are bound to slip through. The expectation that something will infiltrate the network, infrastructure, or an employee device must become the norm, and they need to train for what happens when it does. Think of your SecOps team as your very own special forces of sorts, constantly vigilant, set to defend, and ready to respond creatively and rapidly in the event of an attack. To make identification and remediation of security vulnerabilities and issues as simple as possible, there are three key areas that must be priorities for your defense forces moving forward. While I will dive into each one specifically in subsequent articles, at a high level they are: • Peer deep: Get visibility of all endpoints—and do so at scale. You have to be able to see what’s happening all across the network. And, here’s the kicker: It needs to be in real time. If data is not current, the potential remains for a system, machine, network, or device to be compromised, and you will lose time fixing it. You also need to view and analyze historical data to identify when issues occurred and how long they impacted your organization.
• Act fast: There must be a plan in place to address an issue at the moment it arises—not days, weeks, or months down the line. Quarantine systems. Shut them down. Contain, contain, contain. Be sure there is a process to take care of any vulnerabilities in real time— one that can instantly scale across all your organization’s endpoints if needed without negatively impacting the network or end users. • Adapt easily: Today’s environment requires the flexibility to rapidly respond to security issues in seconds. The security products you choose to help you respond shouldn’t require time-consuming coding and testing every time you need a new containment or remediation workflow created. They should easily and intuitively enable you to take action against new threats and unexpected attacks. With so many different security solutions at work in your environment, it is also important to identify platforms that are adaptable and that can integrate easily with the security products you already have in place. These are strange and dangerous times, but they are not insurmountable. As Seattle Seahawks quarterback Russell Wilson likes to say: “The separation is in the preparation.” By evaluating and adopting endpoint visibility and control solutions, organizations can discover new ways to mitigate and respond to cyberattacks. Once companies switch from an “if” to a “when” mindset, they can finally mount meaningful defenses that will rip off the Band-Aids and enable them to tackle future security issues head-on. About the Author As vice president of marketing at Adaptiva, Anne Baker brings to the company a unique combination of over 15 years of high-tech marketing experience with a technical engineering background. Anne holds a mechanical engineering degree from Cornell University and an MBA from Seattle University. Her work has earned her recognition as one of the “100 Top Women in Seattle Technology” by the Puget Sound Business Journal and one of the “Top 50 Women in Mobile Content” by Mobile Entertainment Magazine. Anne has led the launch strategies for emerging start-up companies as well as created global campaigns for leading technology companies, such as Microsoft and SAP. For more information, please visit https://adaptiva.com/, and follow the company at LinkedIn, Facebook, and Twitter.
Page 1 and 2: Data Breaches: Beyond Exposing Iden
Page 3 and 4: CONTENTS (cont') Prioritizing Secur
Page 5: @CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 22 and 23: Data Breaches: Beyond Exposing Iden
Page 24 and 25: About the Author Kem Gay is an Inte
Page 28 and 29: Why Biometric Data Use Poses Unique
Page 30 and 31: • DNA Kits: If you purchased or u
Page 32 and 33: How to be Workforce Ready and Stand
Page 34 and 35: Maximiliano Gigli, a third-year cyb
Page 36 and 37: Interestingly, the two groups diffe
Page 38 and 39: Cross-site Scripting Is an Underrat
Page 40 and 41: Stealing HTML5 web storage data: HT
Page 42 and 43: Cybersecurity in New York City, the
Page 44 and 45: A boom in cybersecurity startups se
Page 46 and 47: illion risks and threats among its
Page 48 and 49: Some Important Developments in the
Page 50 and 51: About the Author Sharmistha Sarkar
Page 52 and 53: employees to contractors and sub-co
Page 54 and 55: The Internet of Things Engineering
Page 56 and 57: About The Author Milica D. Djekic i
Page 58 and 59: kind. Many of them require some kin
Page 60 and 61: 2019 Risks in Focus: Cyber Incident
Page 62 and 63: However, the past year has also wit
Page 64 and 65: Why Insider Threats Are One of the
Page 66 and 67: Unlike with outside security threat
Page 68 and 69: Organizations will also frequently
Page 70 and 71: The US Must Catch Up to Other Promi
Page 72 and 73: The fact is, the wider internationa
Page 74 and 75: Integrate Compliance and Regulation
Page 76 and 77:
Security have and have-nots How org
Page 78 and 79:
1. People Having the right people c
Page 80 and 81:
sources (such as syslog’s, Net Fl
Page 82 and 83:
Limitations of Current Endpoint Sec
Page 84 and 85:
For effective detection, most EDR s
Page 86 and 87:
Why Wi-Fi Hacking Will Persist Desp
Page 88 and 89:
About the Author Ryan Orsi is Direc
Page 90 and 91:
questions such as, “Who added a w
Page 92 and 93:
About the Author Josh Paape is an O
Page 94 and 95:
for well-known, repeatable needs fi
Page 96 and 97:
Overcoming Software Security Issues
Page 98 and 99:
Implementing Security Checks at Str
Page 100 and 101:
Phishing in the Dark: Employee Secu
Page 102 and 103:
phishing threats. Furthermore, almo
Page 104 and 105:
Unfortunately, once an application
Page 106 and 107:
Software Should Come with a “Nutr
Page 108 and 109:
vulnerabilities. If they find vulne
Page 110 and 111:
I can't get no satisfaction, I can'
Page 112 and 113:
How Organizations Should Choose a L
Page 114 and 115:
load balancers capable of integrati
Page 116 and 117:
SaaS DNS Security: Are you Protecte
Page 118 and 119:
associated with any security event
Page 120 and 121:
120
Page 122 and 123:
122
Page 124 and 125:
124
Page 126 and 127:
126
Page 128 and 129:
128
Page 130 and 131:
130
Page 132 and 133:
132
Page 134 and 135:
134
Page 136 and 137:
136
Page 138 and 139:
138
Page 140 and 141:
140
Page 142 and 143:
142
Page 144 and 145:
144
Page 146 and 147:
146
Page 148 and 149:
148
Page 150 and 151:
We’ve launched http://www.CyberDe
Page 152 and 153:
Marketing and Partnership Opportuni
Page 154 and 155:
Regent University’s Institute for
Page 156 and 157:
156
show all

CDM-CYBER-DEFENSE-eMAGAZINE-March-2019

Create successful ePaper yourself

Delete template?

Save as template?