Cyber Threat Intelligence: Risk Management Strategies
4. Old vulnerabilities remain relevant
While Apache Log4Shell (Log4j) was arguably the most prominent zero-day vulnerability of 2021, older flaws remained relevant and effective as well. Data from Trend Micro™ TippingPoint™ shows that the greatest number of detections (75 million) this year were of CVE-2019-1225, a memory disclosure flaw in Microsoft’s Remote Desktop Services (RDS) discovered in August 2019.
Explaining cyber risk to the board
As the digital attack surface expands due to the accelerated shift toward the cloud, enhancing security for more effective cyber risk management is a must. And while you may understand that, getting the board to see it your way can be challenging.
By definition, cyber risk is the financial loss, disruption, or damage to the reputation of an organization resulting from the failure of its IT systems. Make sure the c-suite understands what you mean by cyber risk—poor security leading to financial losses. Look for security tools that can help you get your message across; by aligning security with the bottom line, and even demonstrating how savings can be optimized for business goals, the board will get on board.
Mitigation strategies
To secure your rapidly expanding digital attack surface, you need comprehensive visibility and continuous threat monitoring. In the cloud and across your IT infrastructure, point products are often unable to provide security teams with the complete picture and threat data needed to effectively understand, communicate, and mitigate cyber risk.
We suggest a unified cybersecurity platform with broad third-party integration into your existing ecosystem. Ideally, the platform should automate security as much as possible and provide remediation guidance—not only will this reduce your cyber risk, but it will also relieve overstretched security teams and free them to focus on only the most critical events.
To address top threats like ransomware, cloud misconfigurations, email attacks, and vulnerabilities, look for a platform with the following capabilities and features:
- Modern technologies like pre-execution machine learning to find unknown malware hidden in office files attached to emails combined with artificial intelligence to check email behavior, intention, and authorship to identify BEC attacks.
- Support for the Zero Trust approach, which requires all users, devices, and applications to be authenticated before granting access and continuously monitored for any suspicious behavior. This will stop attackers from flying under the radar after compromising credentials.
- Automated scanning to continuously discover your digital attack surface and alert security teams of any cloud misconfigurations.
- Deep threat intelligence and research for up-to-date vulnerability disclosures as well as virtual patching to proactively limit the scope of an attack (like Log4j) before a vendor patch is released.
- Extended detection and response (XDR) to collect and correlate deep threat data across network, cloud, endpoints, users, and workloads to shore up fewer, but higher-confidence alerts.
For more insights into threat trends and the benefits of leveraging a unified cybersecurity platform, check out these resources:
Read More HERE