According to a report, white hat hackers are attacking black hat hackers
Based on a report released on Wednesday by a breach and attack simulation business, organisations are becoming more aggressive in thwarting threats before they become attacks.
Security leaders are realising that the current approach of purchasing new technology and rushing through the process of finding and fixing vulnerabilities is ineffective, according to Cymulate’s 2024 State of Exposure Management & Security Validation report.
As to the survey, security executives are adopting a proactive strategy towards cybersecurity by detecting and resolving security gaps before hackers take advantage of them. This is in contrast to waiting for the next major cyberattack to occur and putting their defences in place during that time.
The report emphasises the proactive approach that adopts an attacker’s perspective to identify and address security gaps before attackers find and exploit them. It aggregates anonymized data from attack surface assessments, simulated attack scenarios and campaigns, and automated red teaming activities across more than 500 Cymulate customers.
Co-founder and CTO of Cymulate, Avihai Ben Yossef, stated in a statement that “businesses cannot afford to be reactive as new attack tactics emerge and adversaries continue to make use of existing vulnerabilities.”
In order to reduce risk and lessen exposure, they must proactively assess the efficacy of their security systems, find any weaknesses, and take the required steps to close such gaps. The increasing number of organisations implementing exposure management and security validation tools necessary to strengthen their security posture is encouraging.
Outdated Traditional Security Techniques
According to Cymulate Field CTO David Kellerman, security procedures were traditionally only very loosely examined as part of a yearly red team assessment or penetration testing programme.
He told TechNewsWorld that “traditional methods of security assessment are obsolete in this era of DevOps and cloud.”
He stated that “continuous validation of defensive security controls is necessary.” “To ensure that all security measures are optimised and ready to perform to their fullest potential, organisations should target themselves with thousands of attack scenarios across all of their security systems.”
The proactive strategy is becoming more and more popular, according to Matt Quinn, technical director for Northern Europe at XM Cyber, a hybrid cloud security business with its headquarters located in Herzliya, Israel. Quinn noted that focusing only on identifying assaults as they occur is ineffective.
According to him, TechNewsWorld, “organisations are drowning in trying to defend against millions of attacks and have put all of their eggs in compensating controls.”
According to him, “organisations are now being more proactive by looking to fix what they are compensating for and by looking at what is underneath the compensating controls.” “This is a much more potent technique that works against any kind of attacker.”
Rapidly Changing Threat Environment
According to Callie Guenther, a senior manager for cyber threat research at Critical Start, a nationwide provider of cybersecurity services, security leaders are becoming more pro-active when it comes to cybersecurity.
“This shift is largely driven by the realisation that, in today’s rapidly changing threat landscape, waiting for attacks to occur before responding is no longer sufficient,” the source told TechNewsWorld. “A proactive approach entails foreseeing possible risks and weaknesses and resolving them before attackers can take advantage of them.”
“Delaying adopting a proactive approach consistently results in increased consequences and more emergency response and post-attack mitigation,” continued Luciano Allegro, co-founder and chief marketing officer of Montpellier, France-based threat intelligence firm BforeAi.
He told TechNewsWorld, “It wastes employee time and causes undue stress for problems that could have been resolved promptly and orderly.”
Several proactive methods that organisations are currently implementing were mentioned by Rob T. Lee, curriculum director and head of faculty at the SANS Institute, a global cybersecurity training, education, and certification organisation.
These tactics include using “Zero Trust” frameworks, which do not automatically trust anything that is inside or outside the company, adopting threat intelligence services to foresee prospective attacks, and regularly doing penetration tests to find flaws.
Employees must receive security awareness training in order to identify phishing efforts and other forms of social engineering, the speaker continued.
He told TechNewsWorld, “Advanced security solutions like Security Orchestration, Automation and Response [SOAR] platforms and Endpoint Detection and Response [EDR] are also vital.” “Moreover, the establishment of a robust human firewall depends heavily on cyber security workforce management and training.”
According to him, “new SEC regulations also emphasise the strategic role of cybersecurity in corporate governance and push for a cybersecurity mindset at the upper management and board levels.”
Proactive AI
According to Matt Hillary, vice president of security and chief information security officer at Drata, a San Diego-based provider of security and compliance automation, artificial intelligence can be an additional tool in an organization’s proactive strategy.
“By proactively identifying critical vulnerabilities and supporting remediation, AI can help companies identify and address security gaps,” he told TechNewsWorld.
According to Hillary, AI can be used, for instance, to scour a company’s network perimeter and identify any devices or apps that are connected to the internet and any potential threats.
Well-trained large language models can supplement manual security processes to detect and resolve flaws at a speed that was previously impractical because of their capacity to analyse enormous amounts of data rapidly, he said.
According to Elisha Riedlinger, COO of Fremont, California-based NeuShield, a data protection company, a certain proportion of businesses have always taken security seriously and strive to put proactive security measures in place.
Nevertheless, he informed TechNewsWorld, “a lot of organisations still struggle with being proactive. It’s possible that these organisations lack the time or resources to thoroughly consider and put these suggestions into practice.
Culture of Control Evasion
The Cymulate analysis also discovered that organisations’ data loss prevention (DLP) controls are becoming less effective, which puts them at greater danger of data exfiltration. Data exfiltration risk scores rose from 33 in 2021 to 46 in 2024, according to the study.
Gopi Ramamoorthy, head of security and governance, risk and compliance engineering at Symmetry Systems, a San Francisco-based data security posture management company, stated, “Unfortunately, not every organisation has built security around data.”
Furthermore, he went on, “traditional DLP tools have not offered sufficient visibility and security controls over cloud data.” Data security posture management, the newest platform in data security, has also been reluctant to catch on. Data exfiltration persists because data security posture and controls are not as visible.
Data exfiltration has also being cultivated by organisations in other ways, according to John Bambenek, head of Schaumburg, Illinois-based Bambenek Consulting, a cybersecurity and threat intelligence consulting firm.
We’ve created a world where data can leave easily in the rush towards cloud-first, where every engineer with a credit card can spin up services, and agile development, which inherently instills a culture of control evasion. (Source: technewsworld.com)