Future Proof Your Business from Cybersecurity Threats
In this blog, I’ll share two ways to shift our mindset from reactive to proactive cybersecurity as well as best practices to secure your attack surface against the most common cybersecurity threats.
Cybercriminals adopt technologies long after businesses do
Many feel that cybersecurity is a cat and mouse game with the threat actors able to constantly thwart the efforts of the cybersecurity community by introducing new tactics, techniques, and procedures (TTPs) whenever they need.
It is true that as new technologies are introduced, malicious actors look to use them in their attacks, just as businesses adopt them. But let’s think about how truly innovative these malicious actors are. In most cases, a new technology is introduced, and until enough businesses or people start using it, cybercriminals continue to use what has been working for them.
For example, email was introduced in 1971, when Ray Tomlinson invented and developed electronic mail as we know it today by creating ARPANET’s networked email system. But email wasn’t used by businesses and people until the 1980s and 1990s. From the above chart you can see spam-based mass mailers were used by threat actors in the early 2000s.
This gave 10-20 years to develop protections for email-based threats. In fact, I remember starting with Trend Micro in 1996 and we already had email scanning for cc:mail and MS Mail as well as scanning SMTP traffic. If an organization had implemented some of these solutions in the late 1990s they would have future-proofed their messaging for these mass spam mailers used in the early 2000s.
Fast forward to 2023: we’re seeing a lot more cloud-based attacks against this infrastructure, but security solutions like Trend Micro™ Deep Security™ that can secure cloud-based servers (VMware, Linux, virtual servers, etc.) existed back in 2010. Again, before this attack surface became a hot area for malicious actors to target, there were some security capabilities to defend it.
So, when we see that people feel they cannot future-proof cybersecurity, I would say they need to have a discussion with some cybersecurity vendors to identify areas in which they may already be missing out on securing.
Global threat research gives businesses a look into the future
Another factor is the ability to look forward to identify potential cybersecurity threat areas. Starting many years before it became mainstream, Trend Micro has had an internal group, Forward-Looking Threat Research (part of Trend Micro Research), whose role is to look into these new technology areas and identify what types of threats we would likely see in the future. Some examples of this are:
This future vision allows the industry to develop new tools and solutions to deal with these upcoming threats.
Protecting your organization from common cybersecurity challenges
Now, let’s dig into how you can address the most common cybersecurity threats before they impact you. Unfortunately, these tend to be due not to poor cybersecurity products but to poor cybersecurity hygiene. The top five ways threat actors are typically able to successfully attack an organization today are:
- Use of n-day (already patched) vulnerabilities that haven’t been patched by the organization.
- Outdated security products with features either not implemented or not enabled that would have detected the threat.
- Credential theft of accounts that allow the threat actor to run scripts or even turn off security agents on systems they want to compromise.
- Compromise of unknown devices on a network (you can’t secure what you can’t see).
- Misconfigurations of applications that open them up to attacks (cloud applications and accounts are the most misconfigured).
The good news is all of these can be mitigated with some updated processes or technologies:
- Utilize SaaS-based solutions from a vendor as they will manage patching vulnerabilities found in their solutions.
- Meet with your security vendors and ensure you have their latest versions (SaaS will help) and that you have the latest features enabled.
- Implement multi-factor authentication (MFA) for critical accounts.
- Look into attack surface discovery solutions that can help you find these devices, especially any Internet-facing IPs.
- Invest in training your administrators on new technologies you’ve implemented to ensure they understand how to use them.
- Look into cloud security posture management solutions that can detect misconfigurations.
Next steps
Let’s try to change the mindset of these individuals who feel they cannot future proof their cybersecurity because threats change too much. Sure, cybersecurity threats change a lot, but usually it is after new defenses have been on the market for a while—they just need to be included in the security stack. But also, as we’ve seen, improving your people, process and technology can go far in future-proofing your cybersecurity.