Evolving Cyber Threats, Be Responsive To Defend



Datacenters, cloud, mobility and the ease of accessing data are making human life simpler and faster. Enterprises keep moving their applications to the cloud and access them through mobile devices and apps to stay always connected. This indicates that digital traffic continues to increase as we sprint into the Zettabyte Era, where predictions are that data will triple in three years. By 2020, wireless and mobile device traffic will account for two-thirds of total global IP traffic, with average internet bandwidth demand almost doubling for enterprises.

Data volumes are exploding: more data has been created in the past few years than in the entire previous history of the digital universe. Some of this data is critical; it is stored in large volumes and processed with big data analytics to convert it into meaningful information. This information is used to drive business in the healthcare, finance, banking and insurance industries.

Data has become key for enterprises, and that creates multiple risks in storing and accessing it. A large amount of effort is invested in protecting data, and steps are taken for the holistic security of critical infrastructure. Organizations are discovering first-hand the devastating impact that a security breach can have: operational disruption, lost customers, missed opportunity, a hit to their brand reputation, and in some cases, declining revenue.

Looking at the other side of critical data growth, competition creates added demand for data, and with it an increase in targeted attacks on critical organizational infrastructure. The world is experiencing a shift in the threat landscape, with different strains of malware attacking network systems every day. Advanced threats, zero-day attacks and ransomware are now common words in the security industry, and CISOs are finding ways to deal with them. The attacks that organizations are dealing with are motivated simply by money. Cybercriminals have developed a business model to distribute their attacks across the widest set of targets, often using pre-packaged tools or services readily available on the dark web at small cost. It is that simple: anyone can buy a DDoS attack of up to 5 Gb for $5 to $10 to bring a website down.

Malicious actors are taking advantage of expanding attack surfaces and evolving tactics to keep their windows of opportunity open. When they succeed, CXOs comment, the results are apparent, quantifiable, and costly.

Traditional security models are moving towards advanced security. The prediction is that over the next few years, cyber security will evolve. But in what ways? Will the balance of the cyber war change, or will hackers still reign supreme?


With the threat of cybercrime showing no signs of abating, cyber security defenses will use more intelligence, big data analysis and machine learning to converge security-related data at the network layers, correlate it to identify threats, and work proactively to expose and relate the full operation of new cyber-attack campaigns. Security administrators and their systems need comprehensive visibility to spot potential cyber threats and to successfully defend against them. Without recording the data, they are flying blind. Without correlating data from different sources, it is impossible to identify complex patterns.

Security systems today are deployed at various layers, and the inability to integrate them to converge security data is a big challenge facing CXOs. Though security OEMs are advancing their technologies, integration with others is not happening. There is no unity between vendors and development to bring open security threat intelligence to beat cyber threats. I have come across thousands of cyber-attacks originating to and from an organization once products are deployed, but hardly see any action on them from the same product. This heavily impacts organizations' ability to protect current investments and makes them keep investing more. Security budgets are in focus and are a larger part of the entire budget. Data security reviews and breach reports are part of board meetings.

So how do we defeat this situation? My personal view is that organizations must keep evaluating next-generation security systems and see what is the best value for investment, but they can still focus on what is in their control.

– Establish an initial base of information security management services (ISMS) controls, get them effectively implemented, and measure their effectiveness to improve.

– IT security skills will be embedded in the organization for the foreseeable future, which increases the need for internal training and development opportunities (awareness) for both security staff and employees.

– Keep track of access control and information handling so that rights on information are managed and data cannot be leaked in read and write format. Critically identified data should be physically secured, segregated and backed up for restoration.

– Integrate each device with a log management (SIEM) tool and deploy correlation so that events are noticed, reviewed and acted on.

– Regular internal and third-party audits are an integral part of the organizational process to assess the maturity of information security policies and improve them; focus on them, get them done and keep improving.

– Get periodic VA and PT done on infrastructure and assess the reports to mitigate the findings. Look for non-patched and newly detected vulnerabilities; patch, scan… patch, scan… and patch them.

– Finally, and most important: we cannot predict and prevent all threats. Look at and invest in security incident response, and see how strong and responsive you can make it post-detection to protect data.
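
The point above about correlating data from different sources, and the recommendation to integrate each device with a SIEM and deploy correlation, can be illustrated with the following Python, which is an added example and not part of the original article. The events, thresholds, field layout and function names are constructed assumptions: no single device crosses its own alert threshold, yet one host shows weak signals from three devices within 15 minutes.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, source device, host, event, value)
EVENTS = [
    ("2024-01-10T09:00:05", "vpn", "10.0.0.7", "login_failed", 1),
    ("2024-01-10T09:00:40", "vpn", "10.0.0.7", "login_failed", 1),
    ("2024-01-10T09:03:00", "endpoint", "10.0.0.7", "new_admin_tool", 1),
    ("2024-01-10T09:06:30", "firewall", "10.0.0.7", "outbound_mb", 900),
    ("2024-01-10T09:02:00", "vpn", "10.0.0.9", "login_failed", 1),
    ("2024-01-10T11:30:00", "firewall", "10.0.0.9", "outbound_mb", 950),
    ("2024-01-10T09:04:00", "firewall", "10.0.0.8", "outbound_mb", 40),
]

# Assumed thresholds: per-device alert levels, and the lower "worth noting" level.
FAILED_LOGIN_ALERT, OUTBOUND_ALERT_MB, WEAK_OUTBOUND_MB = 5, 1000, 500

def single_source_alerts(events):
    """Alerts each product raises when it looks only at its own log."""
    failed, alerts = defaultdict(int), []
    for _, source, host, name, value in events:
        if name == "login_failed":
            failed[host] += 1
        elif name == "outbound_mb" and value >= OUTBOUND_ALERT_MB:
            alerts.append((source, host))
    alerts += [("vpn", h) for h, n in failed.items() if n >= FAILED_LOGIN_ALERT]
    return alerts

def is_weak_signal(name, value):
    """Notable, but below what any single product alerts on."""
    return name in ("login_failed", "new_admin_tool") or (
        name == "outbound_mb" and value >= WEAK_OUTBOUND_MB)

def correlate(events, window=timedelta(minutes=15), min_sources=2):
    """Hosts with weak signals from min_sources distinct devices inside one window."""
    by_host = defaultdict(list)
    for ts, source, host, name, value in events:
        if is_weak_signal(name, value):
            by_host[host].append((datetime.fromisoformat(ts), source))
    flagged = {}
    for host, signals in by_host.items():
        signals.sort()
        for i, (start, _) in enumerate(signals):
            sources = {s for t, s in signals[i:] if t - start <= window}
            if len(sources) >= min_sources:
                flagged[host] = sorted(sources)
                break
    return flagged

print("per-device:", single_source_alerts(EVENTS), "correlated:", correlate(EVENTS))
```

Host 10.0.0.9 also has signals from two devices, but they are hours apart, so the time window keeps it out of the result.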

[Disclaimer: The views expressed in this article are solely those of the authors and do not necessarily represent or reflect the views of Trivone Media Network’s or that of CXOToday’s.]