“When in doubt, choose change.” (Lily Leung)
- McAfee has agreed to sell its enterprise business
- Many McAfee customers may be considering alternatives
- Don’t just replace - upgrade
The global cybersecurity landscape has changed dramatically over the past year due to the COVID-19 pandemic as adversaries look to use the outlier event to their advantage.
- S. Secretary of Homeland Security details Federal Cybersecurity Strategy.
- Initial focus on ransomware, workforce, industrial control security.
- The federal government needs to take a risk-based, long-term view on cybersecurity.
- Ransomware, banking malware, unwanted applications, and Android attacks all rose significantly
- Pandemic-related incidents had a big impact
- Similar threats expected for this year, and cyber security teams need to have the right security tools in place
- Executive order under consideration would expand what companies have to disclose security breaches to the federal government.
- Such breach disclosure laws have been long found over legal concerns.
- The EO would also establish that certain software vendors maintain a software bill of materials.
- All attacks include malicious activity, but not all attacks include writing malware to disk
- Anti-exploit technology prevents attackers from gaining a foothold
- What to look for in anti-exploit technology
Attacks, exploits and vulnerabilities
Any complete cloud workload security stack must feature robust anti-exploit technology for both end-user and server systems. Cloud workloads run on servers, either on-premises or in the cloud, and end-user systems access those workloads. End-user systems can give attackers indirect access to workload data, while servers can provide more direct access if attackers achieve a foothold.
Advanced Persistent Threats (APTs) are sophisticated, stealthy attacks designed to gain access to an organization’s network systems over a long period of time in order to covertly steal sensitive information or drain financial resources.
- EDR and MDR represent two viable paths to achieving successful security defense
- Internal teams use EDR tools to launch investigations and guide remediation actions
- MDR brings professional cross-skilled security analysts and proactive threat hunters
- Security tipping point is determined by gaps in time, skills, efficiency and outcomes
- Efforts have long been underway to create more advanced cryptography, and the market appears ready to deploy these solutions
- Promising new approaches include quantum key distribution, biometrics encryption, and homomorphic encryption
This is the second of a 3-blog series on Practical Cyber Resilience. In the first part, I covered the four key characteristics (or guiding principles) of cyber resilience. In this blog we will review the main objectives and 5-step Cyber Resilience Analysis methodology, as defined by the NIST Special Publication 800-160, Developing Cyber Resilient Systems.
- Attack wiped out 1200 of a company's 1500 Microsoft Office 365 accounts
- Always revoke the access rights of former employees and contractors
- 53% of Web traffic is now cloud-related, a 20% year over year increase.
- 61% of all malware is directly delivered via the cloud.
- Malicious Office documents represented 17% of all malware detected.
