#ISC2Congress: Threats to Enterprises Just Starting - Attivo Networks
Attivo Networks Blogs

#ISC2Congress: Threats to Enterprises Just Starting

logos-dl-infosec-magazine

As the threat landscape continues to evolve, many who are overwhelmed today may not have the time to think about whether they are prepared for the threats of tomorrow. Those who attended Viruses, Trojans, Worms, Malware and Ransomware: What’s Next and Are We Prepared? with Tony Cole, CTO, Attivo Networks, at the 2018 Security Congress learned that the future holds lots of security challenges that will be far more complicated than what they are facing now.

“We’ve just started with the problems we are seeing today. The world we live in is changing dramatically, and it’s absolutely astounding how quickly new innovations and new technology are changing our society,” Cole said.

Part of preparing for the future demands an understand of existing threats, and while it’s important to understand the differences between viruses, Trojans, worms, malware and ransomware, what’s more important to understand is that every organization is a target.

What began as a collection of people compromising websites for fame and fortune has evolved into nation-state attacks and organized crime the likes of Wannacry and Spectre. In order to prepare for the threats to come, it’s important that cybersecurity professionals start thinking about what Cole calls “the art of the possible.”

“I’m always surprised at how many companies don’t believe that they are a target,” said Cole. There are so many verticals that organizations are vulnerable to, whether its ransomware or the more mundane siphoning of power in crypto-mining.

“Crypto-mining is just getting started, or maybe we are just starting to detect. It’s evidence that if you write your code well enough so that it doesn’t have impact, most of the world is not going to notice it,” Cole said.

It’s the future, though, that is really scary to Cole. “We are sitting at the tip of the problem set. You can actually get an IP-enabled toaster to imprint different images on your toast. Why are you connecting these things? Why would you want a washing machine connected to anything?”

The internet of things (IoT) is a contributing factor to the unforeseen complications of the future because in an everything-is-connected world, attribution becomes much harder, not to mention that developers are looking to get their products to market quickly, which means that security is never a concern.

According to Cole, enterprises will spend $752 bn on IoT this year, and consumers will soon catch up to that. Other current trends include the bleeding of nation-state threats into the underground – as was the case with Eternal Blue. Companies are selling zero-day vulnerabilities, ransomware is burgeoning, and Chinese activity has substantially increased.

“People are going to have a lot more ways to hide in systems, and the technology evolution will continue to be used against us,” said Cole. Amid all the noise, though, there a ways of correcting the course. “Move to a cave and become a philosopher,” Cole advised.

Short of that, it’s key to remember that you are the target and you must adapt to the inevitability of a breach. Prepare for the inevitable by hunting, using active cyber defense, building a real security awareness training program and leveraging the home-field advantage.

“The enterprise belongs to you, not the attackers,” Cole said.

Read More>>>

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free

FAST AND EASY

Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial

GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY

  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise

RSS

Leave a Comment

Your email address will not be published. Required fields are marked *

three + 2 =

Ready to find out what’s lurking in your network?

Scroll to Top