The Cyber Defense eMagazine February Edition for 2024

More documents

Recommendations

Info

advanced stages of Zero Trust and focus on the overlay pillars: Automation and Orchestration, and Visibility and Analytics. These pillars permeate the entire organization and many different IT/IS departments. Building them out requires having visibility into everything happening in the Zero Trust environment, including all of the tools, applications and processes in place to protect the five core pillars. Maturing these two overlay pillars requires new capabilities and technologies like advanced analytics powered by machine learning and AI as well as identity-centric SIEM, UEBA and SOAR capabilities. The Automation and Orchestration pillar requires high-fidelity detections combined with rich contextual data, and the ability to dynamically prioritize events and alerts accurately in order to automate remediations without interrupting legitimate business processes in the crossfire. AI can improve SOC team efficiency now – and will improve over time While the adversaries are busy trying to weaponize AI to achieve their goals, the benefit of AI for defenders and the Security Operations Center (SOC) team will be more immediate and more significant. AI will empower SOC analysts with powerful insights into datasets across identity, security, network, enterprise and cloud platforms. Specifically, it will improve SOC team efficiency and help counter the ongoing challenges of limited resources and skill sets, overwhelming alert fatigue, false positives and mis- or unprioritized alerts in the following ways: • Provide proactive suggestions for detections and threat hunting queries. • Create new threat content based on recent trends, learnings across customers and industry verticals to dynamically improve or suggest new ML models, queries, reports and more. • Auto-triage alerts based on historical triage patterns, investigation notes, types of detection, relevance, and attack trends to automate and suggest key incident response activities with ease including creating custom reports, taking bulk actions, and multi-step workflows. Cybercriminals are already using AI to make their attacks better – and improve the tactics, techniques, and procedures (TTPs) of attacks. But advanced machine learning models that are trained using adversarial AI will be able to combat these new attacks. Organizations should invest in quality, mature ML/AI powered technologies for threat detection and explore how AI can help their SOC teams spend less time investigating (or chasing false positives) and more time eradicating true threats. Among companies without an insider threat program, 75% will start to plan, build and budget for a formal insider threat program, with a majority of that growth coming from the SME (Small and Medium Enterprise) market Recent research shows that more than half of organizations have experienced an insider threat in the past year and 68% are “very concerned” about insider threats as they return to the office or move to hybrid work. 74% say insider attacks have become more frequent, and 74% say they are moderately vulnerable or worse to insider attacks. Overall, companies of all sizes are becoming increasingly aware Cyber Defense eMagazine – February 2024 Edition 134 Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
of the risk of insider threats and addressing the problem. SMEs in particular are taking insider threats much more seriously than in recent years. In response to these growing concerns, 75% of organizations that have protected data (PHI, PII, etc.), valuable IP, or compliance requirements, but don’t currently have an insider threat program, will start planning or building one in 2024. Along with that, the adoption of insider threat solutions will increase by at least 50% as these programs develop. Some tools enterprises should consider for starting their insider threat program are a next-gen SIEM, UEBA combined with identity and access analytics, and/or a DLP solution to limit data exfiltration. MSSPs and MDRs serving SMBs will grow by 25% YoY as part of a customer-driven push for vendors to provide services rather than just selling products. A strong demand from SMB customers for Managed Security Service Providers (MSSPs) and Managed Detection and Response (MDR) providers will continue in 2024. This market growth is driven mainly by the lack of skilled personnel to manage and maintain the appropriate systems and processes to protect small and medium businesses from cyber attack and ransomware. This talent shortage shows every sign of getting worse in 2024. In response to this demand, service providers will wrap many individual services together to offer packages to their customers to meet their current business needs and help match levels of protection to varying budgets. This means security vendors should create multi-tenant solutions that integrate easily with other security vendors' products and cover both cloud and on-premise environments. They should also design their products and business practices to work well in a managed services model. This means flexible licensing and billing models and dedicated programs and resources that support this unique goto-market motion through service providers to satisfy the growing market demand. 2024 will be the year of public-sector attacks and hacktivism. The public sector domain, including the education system, the medical system and public infrastructure, will be a primary ransomware target in 2024. This is because these systems are widely seen as easy targets that offer attackers fame, information, and money. Public infrastructure like water and electrical systems around the world will be increasingly targeted by nation-state actors involved in geopolitical conflicts. These systems are not well-protected and offer a huge payoff in terms of the damage and chaos caused by disrupting them. We will also see an increase in hacktivism activities against government agencies and the supply chain that supports them, including DDOS attacks and APT's. Cyber Defense eMagazine – February 2024 Edition 135 Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
How One Industry Exemplifies the Im
Page 3 and 4:
Data Breach Search Engines --------
Page 5 and 6:
@MILIEFSKY From the Publisher… De
Page 7 and 8:
Welcome to CDM’s February 2024 Is
Page 9 and 10:
Cyber Defense eMagazine - February
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
2001 2024 Cyber Defense eMagazine -
Page 17 and 18:
Page 19 and 20:
How One Industry Exemplifies the Im
Page 21 and 22:
That is where things stand in my in
Page 23 and 24:
current on the mission and values o
Page 25 and 26:
So, monitoring and managing vendor
Page 27 and 28:
About the Author Caroline McCaffery
Page 29 and 30:
How so? Businesses can make things
Page 31 and 32:
Using Cmmc 2.0 To Transform Your Cy
Page 33 and 34:
equire the implementation of additi
Page 35 and 36:
for the Department of Energy’s Cy
Page 37 and 38:
• IT no longer controls where and
Page 39 and 40:
For example, the Cloudbrink service
Page 41 and 42:
5 Cybersecurity Resolutions for The
Page 43 and 44:
The Importance of Cyber Hygiene for
Page 45 and 46:
The key steps to improve your cyber
Page 47 and 48:
Connecting Tech to Black America By
Page 49 and 50:
Establish partnerships with HBCUs E
Page 51 and 52:
Perhaps the most obvious example of
Page 53 and 54:
Crafting AI’s Future: Decoding th
Page 55 and 56:
The implementation of regulations c
Page 57 and 58:
AI Is Revolutionizing Phishing for
Page 59 and 60:
That’s why security awareness tra
Page 61 and 62:
culmination of this race will revea
Page 63 and 64:
Traditionally, DBSEs would only inf
Page 65 and 66:
Enhancing Cybersecurity Defenses: T
Page 67 and 68:
Social engineering testing In the e
Page 69 and 70:
GitGuardian Researchers Find Thousa
Page 71 and 72:
*Emergent trends While everything f
Page 73 and 74:
There are multiple tools that will
Page 75 and 76:
Good Security Is About Iteration, N
Page 77 and 78:
to incorporate architectural and de
Page 79 and 80:
Hacking and Cybersecurity Trends to
Page 81 and 82:
detect attacks as they are occurrin
Page 83 and 84: Legacy solutions hinder an organiza
Page 85 and 86: About the Author Thomas Müller-Mar
Page 87 and 88: Having worked closely with financia
Page 89 and 90: device is emitting its signal the t
Page 91 and 92: Navigating the API Security Landsca
Page 93 and 94: that entities (users, services, or
Page 95 and 96: examine financial transactions, net
Page 97 and 98: Offensive Awakening: The 2024 Shift
Page 99 and 100: Not only are legislators pushing fo
Page 101 and 102: Let’s dive into how security lead
Page 103 and 104: Overcoming Common Data Security Cha
Page 105 and 106: The Risks of Over-Privilege Alongsi
Page 107 and 108: Quishing Campaign Exploits Microsof
Page 109 and 110: After inserting their email address
Page 111 and 112: more expensive and time consuming.
Page 113 and 114: Cotton Sandstorm or Static Kitten h
Page 115 and 116: Spike in Layoffs Pose Serious Cyber
Page 117 and 118: About the Author Adam Gavish is the
Page 119 and 120: The Crucial Role of Data Categoriza
Page 121 and 122: The Next Generation of Endpoint Sec
Page 123 and 124: Next-Generation Endpoint Security:
Page 125 and 126: As I reflect back on the past few m
Page 127 and 128: Why Is Hardware More Secure than So
Page 129 and 130: can achieve throughput levels of up
Page 131 and 132: ecome more secure. By the end of 20
Page 133: Zero Trust Matures, Insider Threat
Page 137 and 138: Zero Trust: Navigating the Labyrint
Page 139 and 140: • Enhanced Security: Zero trust b
Page 141 and 142: Cyber Defense eMagazine - February
Page 149 and 150: CyberDefense.TV now has 200 hotseat
Page 151 and 152: Books by our Publisher: Amazon.com:
Page 155: i https://www.whitehouse.gov/briefi
show all

The Cyber Defense eMagazine February Edition for 2024

Create successful ePaper yourself

Delete template?

Save as template?