Cyber Defense eMagazine September Edition for 2022 #CDM

More documents

Recommendations

Info

There are tangible consequences in the cybersecurity realm to these staff and skills shortfalls – misconfigured systems, risk assessment and management that is either rushed or skipped, slow remediation times that leave systems exposed, and the inability to handle all active threats to the network. In short, SOC teams are increasingly understaffed and overworked – all while facing a rising tide of increasingly sophisticated attacks. Furthermore, outmoded legacy solutions can leave networks even more vulnerable. There are certainly industries where older means wiser, but in cybersecurity, legacy solutions often cannot keep up with the evolving threat landscape and are not easily integrated with updated tools. In addition, they often have complex configuration and maintenance processes that make management, patches or updates complicated and impractical. According to reports, unpatched vulnerabilities and risky services account for 82% of successful attacks. The current threat landscape is only growing. The hybrid work era has driven enterprises to adopt a rising number of SaaS and web-based tools to deal with the consequences of a decentralized work environment – messaging apps, file sharing, CRMs, etc. As recent Google Drive and Dropbox hacks demonstrate, there is a rapidly growing number of new attack vectors which malicious actors can exploit. This trend is only likely to continue as new SaaS and web-based tools are developed to optimize the modern workplace, and remote work policies give employees the potential to access sensitive apps from unmanaged and third-party devices. In short, many companies are a lot more vulnerable than they realize. Big Tent vs. Niche Understaffed and overworked SOC teams are now facing a new hurdle: System Overload. As cyberattacks grow in sophistication and frequency, the number of cyberdefense tools that security professionals rely on is constantly growing. Reports indicate that some organizations use as many as 45 different tools on average to keep their networks safe. These hyper-focused security tools may be effective in the fight against the growing sophistication of cyberthreats, but their sheer volume is in and of itself a problem because they are often cumbersome to manage; forcing analysts to waste time toggling between tools. This results in delayed incident analysis and security system maintenance. Furthermore, the disparate nature of these solutions means that analysts are unable to get a holistic view of issues or react quickly to breaches. Those using more than 50 tools ranked themselves as 8% less likely to be able to detect an attack and 7% less responsive when attempting to address it. With staff shortages, SOCs also find it hard to retain the expertise needed to utilize these multiple systems efficiently. That said, big-tent, legacy cybersecurity solutions are not necessarily the best alternative. It may seem beneficial to have many defense tools within the same platform, but the pinpoint responses of niche solutions to the growing threat-landscape may be lost. In other words, these catch-all solutions can’t necessarily keep up with the growing sophistication of threats. 40% of cybersecurity professionals said their current cybersecurity strategy will likely be outdated in just two years, with 37% said it would happen in three. Cyber Defense eMagazine – September 2022 Edition 144 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
The Middle Ground To effectively combat the next generation of cybersecurity challenges, CSOs will need to create an effective middle ground. This industry need has only been accentuated by the current economic downturn, which is forcing many SOCs to cut budgets by providing the most bang-for-your-buck solutions to secure vulnerable systems. The trick for cybersecurity providers will be to offer a balanced number of solutions that effectively cover a number of threat vectors – not so many that they lose their focus, but enough that clients can reduce their reliance on an unwieldy number of security products. In the long term, more streamlined SaaS cybersecurity systems can not only make it easier for SOC teams to employ, train, and retain their teams, but actually reduce their workloads. Vendors must also strive to create easy to deploy and manage integrated solutions that fit neatly within customers’ current systems, and which interact seamlessly with their standard operating systems and business workflows. This ensures that both security team members and general staff can easily leverage the benefits in a frictionless manner. In a similar vein, vendors should provide tools and services that bolster a SOC team’s capacity, offering a lifeline for groups that are understaffed and overworked. These could be supported by automated ML- and AI-based platforms and actual cybersecurity experts in a managed SOC service to ease the strain of analyzing and remediating the tide of malicious activity threatening to engulf companies. Modern streamlined and decluttered cybersecurity solution suites should be hastened in by the realities of the industry’s knowledge shortages and today’s economic challenges; however, going forward they make the most sense for effective, efficient, and durable SOC teams. About the Author Motti Elloul is VP Customer Success and Incident Response at Perception Point. He works with existing customers to educate and help them maximize their product knowledge and solve issues that may arise. Motti focuses on building sustainable customer relationships by optimizing their asset protection and leveraging the value of customer satisfaction. Motti has worked in people-centered roles at Applause, Red Bend Software, and Nuance Communications. He holds a BSc in Software Engineering from the Jerusalem College of Engineering. Motti can be reached online at https://www.linkedin.com/in/mottie/ and at our company website https://perception-point.io/ Cyber Defense eMagazine – September 2022 Edition 145 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
Critically Important Organization?
Page 3 and 4:
How Can Businesses Build Customer C
Page 5 and 6:
@MILIEFSKY From the Publisher… We
Page 7 and 8:
Welcome to CDM’s September 2022 I
Page 9 and 10:
Cyber Defense eMagazine - September
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Critically Important Organization?
Page 25 and 26:
• Factors and metrics to consider
Page 27 and 28:
Zero Trust Momentum Seventy-six per
Page 29 and 30:
Information Warfare and What Infose
Page 31 and 32:
Influence: Surface and measure the
Page 33 and 34:
ecording a 10% hike from 2020 findi
Page 35 and 36:
5G Technology - Ensuring Cybersecur
Page 37 and 38:
on a great scale, the newness of th
Page 39 and 40:
Are Cyber Scams More Common and How
Page 41 and 42:
Antivirus Software Keeping your com
Page 43 and 44:
Avoiding the Risks of Ransomware St
Page 45 and 46:
• How are you protecting home fie
Page 47 and 48:
Black Hat Trip 2022 - Perception Po
Page 49 and 50:
compared to legacy sandboxing solut
Page 51 and 52:
Building A Layered Plan for Battlin
Page 53 and 54:
The Challenge of Hyperconnected Fra
Page 55 and 56:
Can Cloud Telephony Services with M
Page 57 and 58:
software with an organization’s c
Page 59 and 60:
Crack The Code Cybersecurity Workfo
Page 61 and 62:
Photo Cred: Photo Cred: UofL Cybers
Page 63 and 64:
More information on the Cybersecuri
Page 65 and 66:
Virtual training addresses the high
Page 67 and 68:
How Can Businesses Build Customer C
Page 69 and 70:
associated access entitlements. A z
Page 71 and 72:
have been able to quickly get servi
Page 73 and 74:
How To Guard Critical Infrastructur
Page 75 and 76:
2. Control endpoint privileges. No
Page 77 and 78:
especially when maxed out on events
Page 79 and 80:
It Isn't Your Daddy's Oldsmobile An
Page 81 and 82:
Full and Systematic Vehicle Cyberse
Page 83 and 84:
Long-Term Impacts A Data Breach Can
Page 85 and 86:
Encrypt data and update software re
Page 87 and 88:
Perception Point has been built as
Page 89 and 90:
company developed a 24/7 managed In
Page 91 and 92:
Government agencies varied broadly
Page 93 and 94: About the Author Marc Kriz is a Str
Page 95 and 96: Looking at the two studies over a f
Page 97 and 98: Patch Zero Days In 15 Minutes Or Be
Page 99 and 100: Advanced SQL Behavioral Analysis fr
Page 101 and 102: New normal, new problems The “new
Page 103 and 104: About the Author Ivar Wiersma is th
Page 105 and 106: world attacks on open-source softwa
Page 107 and 108: Protecting The Enterprise in The Di
Page 109 and 110: About the Author Anurag Lal is the
Page 111 and 112: Market potential GitHub claims to h
Page 113 and 114: The Implications of Zero Trust for
Page 115 and 116: Integrating Zero Trust at the Data
Page 117 and 118: Threat Modeling: Bridging the Gap B
Page 119 and 120: What’s next for threat modeling?
Page 121 and 122: 2. Adopt trust security Consider ho
Page 123 and 124: 7. Secure your dependencies As you
Page 125 and 126: Top Trends in Cyber Security Post-P
Page 127 and 128: improve cybersecurity. As the conne
Page 129 and 130: The migration of electronic healthc
Page 131 and 132: About the Author Coley Chavez is th
Page 133 and 134: A tool to make money Cybercriminals
Page 135 and 136: Using Identity for Access Is a Huge
Page 137 and 138: Never make your own keys - physical
Page 139 and 140: What We Have Learnt Building a Glob
Page 141 and 142: Businesses transact with, rely upon
Page 143: Why CSOs Are Decluttering Their Cyb
Page 147 and 148: • Surge in utilization of cloud s
Page 149 and 150: trustworthiness and accountability.
Page 151 and 152: Why Throwing Money at Cybersecurity
Page 153 and 154: 2. Automated Analytics The human pr
Page 155 and 156: SSL VPNs are available as stand-alo
Page 157 and 158: About the Author Timothy Liu is Co-
Page 159 and 160: Preparing Having never been to mult
Page 161 and 162: Overall, this was a great conferenc
Page 163 and 164: One of the unique things about DefC
Page 165 and 166: Of where I was able to spend time a
Page 167 and 168: In the end, DefCon was by far one o
Page 169 and 170: they have. I was happy to share my
Page 171 and 172: Cyber Defense eMagazine - September
Page 189 and 190: CyberDefense.TV now has 200 hotseat
Page 191 and 192: Books by our Publisher: https://www
Page 195:
show all

Cyber Defense eMagazine September Edition for 2022 #CDM

Create successful ePaper yourself

Delete template?

Save as template?