Tag Archive for: Gaps

The 4 Key Security Gaps Every Security Team Needs To Close In 2021

/in


2021 will be another challenging year for cybersecurity professionals.  Security teams now face a plethora of new challenges brought on by the rapid deployment of tools, technologies and processes that enabled business continuity over the last 12 months.  Many of these challenges stem from the widespread shift to remote working which, in a matter of days, completely changed the threat landscape for most organisations. 

The rushed nature of the remote working rollout now poses some major data security issues, which are compounded by the impending shift to a hybrid working model in the long term.  In a recent Gartner survey of business leaders across HR, Legal, Compliance, Finance and Real Estate, 82% of respondents said they are planning to permit remote working some of the time as employees return to the workplace, while almost half intend to let employees work remotely full time. 

It is the combination of employees working flexibly – both onsite and remotely – that cements the challenge for security teams in 2021.  The increasing severity of the threat landscape is clear.  Deloitte’s Cyber Intelligence Centre observed a significant spike in phishing attacks, malspams and ransomware in 2020, with threat actors using COVID-19 as bait to mislead employees working outside the confines of the corporate environment.  The closing weeks of the year presented an even greater threat, with what looks to be the most widespread advanced persistent threat (APT) attack in the history of cyberwarfare.  According to Microsoft, the sophisticated nation state attack – which penetrated a vast range of both public and private sector organisations – was a “moment of reckoning” in the evolution of cybersecurity threats. 

As this evolution continues its relentless march forwards, security leaders and practitioners across all industries will need to focus on closing four key security gaps to ensure their organisation is both productive and secure in 2021.   

  1. The proliferation of mobile devices

The ‘new normal’ has changed both the scope and definition of how organisations will need to think about ‘mobile security’ in 2021.  With more employees now…

Source…

AI and ML Leads the Trend in Technologies that will Fill the Cybersecurity Skills Gaps

/in


As the shortage of skilled cybersecurity professionals intersects with the change and sophistication of the threat landscape, AI and ML will be leveraged to fill the gaps, according to a new Osterman survey and report. The Osterman report looked at security solutions that offer advanced technology that could be leveraged to replace manual efforts, including artificial intelligence, machine learning, and orchestration, to address the cybersecurity skills shortage.

The threat landscape is expanding with new types of tactics taking advantage of the latest remote working trends. Phishing is the major threat growing faster than all other threats, with a 3000% increase in 2020 since the start of the Covid-19 pandemic.

Today’s threat actors use multiple tactics and speed to evade traditional defenses that rely on domain reputation, blacklists, and human analysis. This legacy phishing protection can’t stop 75% of these new, more sophisticated phishing attacks. Hiring an increasing number of cybersecurity professionals with the right skill set is not a manageable strategy.

Advanced security technology that leverages AI and ML can complement human analysis with automation. The report highlights how AI and ML can reduce the time and effort required by cybersecurity professionals to complete the same analysis. Given the speed and volume of threats, technology can identify many more variables than a person, and the same analysis by a professional would be nearly impossible. AI and ML can scan billions of internet transactions daily using dynamic interactions and simulations that overcome sophisticated evasive techniques by using

  • Virtual browsers
  • Natural language processing
  • Computer vision and behavioral analysis
  • Overcomes sophisticated multi-stage attacks
  • Ability to detect phishing hosted on legitimate cloud providers and compromised benign websites

All of this provides highly accurate threat detection, so threats are blocked and, therefore, do not need to be reviewed or remediated. Solutions are offered through applications, APIs, DNS RPZ, and extensions, either as a supplement to existing security solutions or independently.

SlashNext addresses this with the broadest range of protection…

Source…

Malware Arrest Exposes Security Gaps at Trump’s Mar-a-Lago Club – The New York Times

/in
  1. Malware Arrest Exposes Security Gaps at Trump’s Mar-a-Lago Club  The New York Times
  2. Woman carrying malware allegedly got into Mar-a-Lago  Antelope Valley Press
  3. Chinese woman carrying malware arrested at Mar-a-Lago  SecurityInfoWatch
  4. Trump Shrugs Off Report Of Chinese Woman Who Took Malware To Mar-a-Lago  HuffPost
  5. Federal probe focuses on Mar-a-Lago intruder, Cindy Yang  Miami Herald
  6. View full coverage on read more

“malware news” – read more