Cyber Defense eMagazine March Edition for 2022

More documents

Recommendations

Info

into the mix. The COVID-19 pandemic ravaged families, business communities, and economies around the globe. Those enterprises that moved decisively, migrated to the cloud almost overnight and instantly expanded the attack surface. The problems came from several different directions. First, employees working from home were using unvetted personal devices that potentially contained a smorgasbord of vulnerabilities. These devices used private and third-party networks to connect to the cloud-based environments required for remote work. And corporate data, sensitive or not, was crossing unknown boundaries on its journey between the WFH employee and the corporate environment. Penetration testing became unreliable because the architecture being probed was half in and half out of an organization’s jurisdiction. Second, DevOps teams – desperately trying to transform massive chunks of their employers’ business models to adapt to the new normal – were releasing new digital experiences at the speed of demand. These releases could, depending on circumstances, contain any number of security holes picked up from new PaaS environments. Rethink your digital dogma As has been said at many points throughout cybersecurity history, what we were doing two years ago no longer works. Threat actors have proved themselves capable of using every trend, every market shift, every consumer habit, and every employee error to their advantage. Responses from organizations have not been as swift. While cybersecurity professionals can never quite recall a “quiet past”, the “stormy present” of 2022 requires a rethink of our digital dogmas if we are to ensure that employees can stay safe but remain productive. The starting point: know yourself. Line of business will always have a handle on financial plans, operations, market conditions, and a range of other touchpoints. For IT and security teams to be successful, they must compile a comprehensive asset inventory – from the machines in the office to the devices in employees’ homes, from the tools on laptops to the inner workings of containerized apps in the cloud. Next comes triage. Identifying vulnerabilities is trivial next to the task of managing action. Some vulnerabilities will be common but may not represent great damage if they were to be exploited. Others may be rare but represent considerable business risk. The general rule of thumb is that if a vulnerability can cause significant damage and is relatively easy to exploit by an attacker, it should be high on the patching list. Anything that is high-risk and not readily addressable should be on a watch list. Free to innovate All of this, from the compilation of the asset inventory to the patching actions, should be automated where possible. Several tools today are capable of automatic asset discovery and policy-based patching. Overworked CISOs and their embattled teams represent the most overlooked security issue in the post- Cyber Defense eMagazine – March 2022 Edition 40 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
pandemic era. By empowering professionals with the tools needed to automate the mundane, we free them to become more effective threat hunters. Once the basics are in place, organizations will be better placed to meet regulation and compliance obligations. Policies alone will not allow you to prepare the reports required by auditors. And good intentions will not satisfy the strict requirements of standards such as PCI-DSS. The good news is cloudservice providers and other vendors are beginning to provide controls such as MFA and DNS security, and are even offering training sessions for end users to prepare them for the hybrid-work future. But chasing the regulators in a constantly reactive mode makes for poor security strategy. There is no substitute for gaining a deep and broad understanding of your organization’s environment and selecting the visualization and automation tools that best fit your circumstances, your architecture, and your business goals. Getting the basics in place – asset inventory, vulnerability management, and user awareness – will give you a strong foundation to secure your digital estate. What next? Once you have mastered your environment, you can turn your attention to some of the latest policies and tools that are being deployed against cybercriminals. Many of the headline-grabbing incidents that we have seen would not have occurred but for a lapse in the management of privileged credentials. SolarWinds’ Orion, for example, uses privileged access to connect to other systems, which is how attackers were able to compromise so many other organizations. Privileged access management (PAM) is an emerging technique that allows CISOs and their teams to stipulate how accounts connect to environments, using policies such as session monitoring, password rotation, least privilege, just-in-time provisioning, and the elimination of shared accounts to keep estates safe while avoiding hits on employee productivity. Other practices include Zero Trust, which has become something of a hot topic. Allowing everything in, and assuming all processes to be suspect until they can prove themselves otherwise, is an approach that shows how far removed we are from the recent past. Here, we not only assume we are going to be attacked; we assume we already have been. It is a grim yet justifiable assumption that accurately reflects the world in which we now live. Do not dismay, however. The headlines of horror may imply an inevitability in becoming a cyber-victim, but their postmortems also show a path to risk remediation. There are tools you can procure, policies you can enact, and action you can take that will ensure that your organization’s name is not the next to be splashed across media pages. Cyber Defense eMagazine – March 2022 Edition 41 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2: Why Changing Classified Document St
Page 3 and 4: Tips And Trends for OT Cybersecurit
Page 5 and 6: @MILIEFSKY From the Publisher… De
Page 7 and 8: Welcome to CDM’s March 2022 Issue
Page 9 and 10: Cyber Defense eMagazine - March 202
Page 19 and 20: level of concern while working remo
Page 21 and 22: The Fragility of a GPS Centric Worl
Page 23 and 24: Formerly known as LOng-RAnge Naviga
Page 25 and 26: The Role of The CFO In Enterprise C
Page 27 and 28: Help them mitigate potential risks
Page 29 and 30: The Safest Ways for Bitcoin Trading
Page 31 and 32: and clear instructions through a "N
Page 33 and 34: According to Cybereason’s “Rans
Page 35 and 36: If you implement these three tips,
Page 37 and 38: • Nearly half of zero-day malware
Page 39: Don’t Become a Horrible Headline:
Page 43 and 44: Have We Learned from Our Past Mista
Page 45 and 46: internet, etc. How much training is
Page 47 and 48: How to strengthen cyber resilience
Page 49 and 50: A BCDR solution with automated disa
Page 51 and 52: 1. Cybersecurity Incidents Will Bec
Page 53 and 54: Is XDR The Right Solution for Today
Page 55 and 56: How Open XDR Helps Open XDR address
Page 57 and 58: A very small set of next-gen SIEM s
Page 59 and 60: • What are my options for data la
Page 61 and 62: Additionally, we’ll witness the r
Page 63 and 64: Top 10 Reasons Cyber Defense Firms
Page 65 and 66: 4. Teamwork and individual responsi
Page 67 and 68: 5 Reasons Organizations Need Compre
Page 69 and 70: systems to manage identity and acce
Page 71 and 72: Directed Analytics - The Future of
Page 73 and 74: Directed analytics allow these insi
Page 75 and 76: InDesign and uploaded to indd.adobe
Page 77 and 78: Are You Prepared for the New Normal
Page 79 and 80: • Find Unseen Risk - The hardest
Page 81 and 82: intruders were able to gain control
Page 83 and 84: About the Authors Michael Cheng is
Page 85 and 86: Why am I rehashing this old trope?
Page 87 and 88: 1. Look for and minimize attack sur
Page 89 and 90: On The Frontline in The War Against
Page 91 and 92:
How to Fix Mid-Market Security Usin
Page 93 and 94:
the particular victims being target
Page 95 and 96:
5 Ways Cybersecurity Will Change In
Page 97 and 98:
#3: Supply chains will be the big r
Page 99 and 100:
Executive Order Instructs Certain O
Page 101 and 102:
• Stay ahead of fraud. Fraud cost
Page 103 and 104:
Too Hot to Handle:The case for Zero
Page 105 and 106:
Critically, endpoint security only
Page 107 and 108:
To prevent lateral movement attacks
Page 109 and 110:
Redefining Resilience in The New Wo
Page 111 and 112:
About the Author Andrew Lawton is C
Page 113 and 114:
Cyber Defense eMagazine - March 202
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
CyberDefense.TV now has 200 hotseat
Page 137 and 138:
Books by our Publisher: https://www
Page 139 and 140:
show all

Cyber Defense eMagazine March Edition for 2022

Create successful ePaper yourself

Delete template?

Save as template?