DevOps accelerates processes, but according to Attivo Networks it also creates new attack vectors. CI / CD, i.e. continuous integration and delivery mechanisms, would offer potential attackers new opportunities to penetrate the network. Read the complete article in DevInsider.
Authored by: Carolyn Crandall, CMO, and Chief Deception Officer – A couple of weeks ago, Attivo Networks released the findings from the company’s annual “Top Threat Detection Trends” survey, with data collected from over 1,200 security professionals across North America, LATAM, Europe, and Australia. Last year’s findings contained several interesting data points, including the fact that more than 50% of respondents indicated that 100 or more days of dwell time—the period from when an attacker enters the network to when the organization detects them—was an accurate representation of their organization. This is obviously concerning, as reducing organizational dwell times to limit how long an attacker has inside a network is a critical initiative of cybersecurity professionals everywhere, and we were interested to see how those numbers had evolved.
Counterintelligence (CI) is the information gathered and actions taken to identify and protect against an adversary’s knowledge collection activities or attempts to cause harm through sabotage or other actions. The goal of CI is to ensure information cannot be modified or destroyed by a malicious actor and that only authorized people can access an organization’s information. CI is often associated with intelligence agencies, government organizations or the military but businesses also benefit from including CI in their approach to security. In cybersecurity, counterintelligence is used to support the information security triad of Confidentiality, Availability, and Integrity (CIA). Many organizations practice aspects of CI, but refer to it by different names, including data loss prevention (DLP), malware reverse engineering and network forensics.