Cyber Defense eMagazine January Edition for 2022

More documents

Recommendations

Info

Beyond closing AD security gaps, public infrastructure organizations can implement solutions that continually monitor the environment for malicious changes. The ability to detect attackers moving laterally through the network can substantially limit the damage done. Attack paths can be closed before the malicious actors are able to deploy malware, for example. And setting up automated remediation can help defuse an attack when every minute counts. Cyberattacks can infect globally connected systems in minutes, so the ability to automatically reverse malicious changes helps contain the fallout. In the event of a cyberattack, one of the key factors in resuming delivery of public services is being able to quickly recover Active Directory to a known-secure state. As any IT administrator can attest, rebuilding an AD forest is a laborious, time-consuming process that is prone to errors. Rebuilding an AD forest while under the stress of an in-progress attack is the stuff of nightmares. Every organization needs to have a fully tested, documented plan for recovering AD—the system that authenticates and grants access to all other systems—in the event of a cyberattack. Ensuring public services are safe from cyberattacks Although public infrastructure organizations are in the crosshairs of attackers, they can improve their defenses against even the most sophisticated attacks. By evaluating the security posture of their Active Directory environment, setting up monitoring to detect malicious changes, and implementing a fully tested AD recovery plan, these organizations will be better positioned to combat attacks and continue to deliver vital public services. About the Author Sean Deuby | Director of Services, Semperis Sean Deuby brings 30 years’ experience in Enterprise IT and Hybrid Identity to his role as Director of Services at Semperis. An original architect and technical leader of Intel's Active Directory, Texas Instrument’s Windows NT network, and 15-time MVP alumnus, Sean has been involved with Microsoft identity technology since its inception. His experience as an identity strategy consultant for many Fortune 500 companies gives him a broad perspective on the challenges of today's identity-centered security. Sean is also an industry journalism veteran; as former technical director for Windows IT Pro, he has over 400 published articles on Active Directory, Azure Active Directory and related security, and Windows Server. He has presented sessions at multiple CIS / Identiverse conferences. For more information, visit http://www.semperis.com Cyber Defense eMagazine – January 2022 Edition 90 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Three Key Facts About AI-Driven Network Detection and Response By Eyal Elyashiv, CEO, Cynamics Most network detection and response solutions and network performance monitoring and diagnostic tools are using the same paradigm that was invented three decades ago. However, networks themselves have changed dramatically; modern networks grow more complex and interconnected every day, and these new connections increase potential for vulnerabilities. Malicious actors are constantly hunting for ways to infiltrate corporate networks, and overly complex, linked systems allow them to slip through the security gaps unnoticed. For years enterprises have been attempting to address this security challenge but have failed to gain the upper hand. The primary reason for this failure is two-fold: human analysts can’t keep up in this environment and legacy tools can’t either. Enterprises need assistance from AI-based solutions to enable full visibility into their network. Network detection and response (NDR) solutions derive particular benefit from AI. However, to implement NDR well, organizations need clarity on its key elements, both before and after implementation. AI helps fill in the security skills gaps As networks become more complex and data volumes continue to grow, the fact is human analysts are incapable of monitoring all of it, alone. To make matters worse, the industry is experiencing an estimated shortage of 2.72 million skilled cybersecurity professionals – there just aren’t enough skilled people to adequately defend organizations’ critical assets. Instead, the industry must learn how to use tools like AI and ML to supplement these skills gaps. The lack of capable and experienced cybersecurity talent can leave networks vulnerable to a myriad of threats. Cyber Defense eMagazine – January 2022 Edition 91 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
“Owning Your Identity” Through
Page 3 and 4:
WatchGuard Technologies’ 2022 Pre
Page 5 and 6:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8:
Cyber Defense eMagazine - January 2
Page 9 and 10:
MUST ATTEND REPLAY AVAILABLE ON-DEM
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40: But in spite of this threat, consum
Page 41 and 42: How To Thwart Fraud with Phone Numb
Page 43 and 44: mutable and dynamic by continually
Page 45 and 46: Phishing: How To Improve Cybersecur
Page 47 and 48: organizations gather data all in on
Page 49 and 50: offers comprehensive firmware prote
Page 51 and 52: Why Hackers Attack Mobile Devices a
Page 53 and 54: the network. This is a good indicat
Page 55 and 56: About the Author Nicole Allen, Mark
Page 57 and 58: Know your customer As spam and phis
Page 59 and 60: Microsoft Successfully Defended The
Page 61 and 62: However, you can’t rely 100% on t
Page 63 and 64: Why Americans Joined Europe in Not
Page 65 and 66: Have a good backup policy. A good p
Page 67 and 68: Secure Apart from reporting, the af
Page 69 and 70: Taking a hard look at the current s
Page 71 and 72: There are plenty of organizations t
Page 73 and 74: 5. The impact of the talent shortag
Page 75 and 76: The industry is already embracing a
Page 77 and 78: WatchGuard Technologies’ 2022 Pre
Page 79 and 80: Users, especially professionals, ha
Page 81 and 82: What Are DeFi Flash Loans & How to
Page 83 and 84: DeFi hackers can easily exploit fla
Page 85 and 86: 3. Get audited Getting a smart cont
Page 87 and 88: Protecting Critical Infrastructure
Page 89: • They use penetration tools to g
Page 93 and 94: About the Author Eyal Elyashiv is t
Page 95 and 96: Tyler Farrar, CISO, Exabeam “What
Page 97 and 98: Protecting unstructured data will l
Page 99 and 100: change again before they’re done.
Page 101 and 102: Samantha Humphries, head of securit
Page 103 and 104: Due to their successes, adversaries
Page 105 and 106: Paul Farrington, chief product offi
Page 107 and 108: In 2022, it is going to become cruc
Page 109 and 110: Our Cyber Defenses Need to Be Battl
Page 111 and 112: the exploitation aspect, but if tes
Page 113 and 114: 12 Tips for Improving Access Contro
Page 115 and 116: weak passwords. Password management
Page 117 and 118: Four Cybersecurity Predictions Fede
Page 119 and 120: 4. Cyber Funding Gets Granular In F
Page 121 and 122: Of course, these recommendations ar
Page 123 and 124: Cybersecurity Tips to Help Your Org
Page 125 and 126: Organizations can achieve true cybe
Page 127 and 128: quarter. Put simply, any organizati
Page 129 and 130: Cyber Defense eMagazine - January 2
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Free Monthly Cyber Defense eMagazin
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
THE Q1/Q2 GAME CHANGER… CYBERDEFE
show all

Cyber Defense eMagazine January Edition for 2022

Create successful ePaper yourself

Delete template?

Save as template?