Why Today's Dynamic Threat Landscape Requires a Multi-layered Response

When it comes to Cyber-Security, things were arguably a lot simpler 10 years ago. Organizations were far less exposed online, perimeter-based approaches were effective at keeping the bad guys out, and the attacks themselves were more straightforward. How things have changed today. For example, government figures earlier this year suggested that 43% of UK firms have suffered a security breach or attack in the past 12 months.

The only way to mitigate Cyber-Risk against the backdrop of the modern threat landscape is via multi-layered protection.

A Complex Landscape

Today’s organizations are saturated with complexity. Hybrid cloud environments, Virtual Desktop Infrastructures (VDIs), an explosion in Bring Your Own Device (BYOD), mobile and Internet of Things (IoT) endpoints have all expanded the attack surface so that the traditional perimeter is effectively dead. Digital Transformation means business is built on data.

But there’s so much of it, and so many avenues to steal it that it becomes a huge challenge to secure. In addition, companies also need to ensure the resilience and reliability of data-driven services in the face of escalating ransomware threats.

In the first half of 2018 alone Trend Micro blocked over 20.4 billion threats for its customers and partners. That included a 93% year-on-year rise in ransomware.

But that’s only half the picture. Attackers have become smarter over the past few years. The days of threats using a single attack vector have long gone. Cyber-criminals are increasingly using multiple techniques in a single campaign, often requiring little or no human intervention.

Attacks are automated and highly effective, relying on exploits for known vulnerabilities that organizations have left unpatched. Everything the budding hacker needs to launch such an attack is readily available on the Cyber-Crime underground.

One notorious recent example is NotPetya, the destructive ‘ransomware’ campaign that cost some organizations, like global shipper Maersk and FedEx, hundreds of millions. In this instance the attacker used a weaponised document that used the publicly available SMB exploits EternalBlue and EternalRomance.

However, they also leveraged the Mimikatz post-exploitation tool so that NotPetya self-propagated, worm-like, to other connected networks. It ended up spreading in this way around the globe, causing huge financial losses along the way.

Fighting Back

Building a cyber-security response to this kind of offensive and viral capability can seem like a daunting task. IT-Security managers must protect the organization against modern multi-vector attacks, while also responding to the more “commodity” threats like Conficker which continue to linger online.

Further, attackers are developing their tools with every passing day – it’s only a matter of time before they unleash machine learning techniques to help bypass defenses and improve phishing authenticity.

So what can we do? The sheer breadth of techniques at the disposal of black hat hackers means security leaders must start building up multiple layers of threat defense.

Cross-generational approaches, such as Trend Micro’s XGen, are optimized so that the right solution is used to tackle the right threat at the right time. Management must be centralized, and each piece of the puzzle must communicate with the others to maximize protection.

What's in It for You?

Some of those key pieces include:

  • Virtual patching: delivers vulnerability shielding in critical environments until a patch can be deployed.
  • Anti-malware: to protect against commodity and advanced malware.
  • URL check: ensures users don’t visit harmful websites.
  • Intrusion Prevention System (IPS): detects and stops network-based attacks.
  • File integrity and monitoring: can provide alerts on suspicious behaviour that could indicate the early stages of an attack.

Final Thoughts

There’s no such thing as a single bullet to deal with the multiplicity of threats facing organizations today — especially not in complex mixed environments like physical, virtual, or hybrid cloud.

That’s why SoftwareONE and Trend Micro offer the broadest range of threat protection techniques possible to protect the modern enterprise.

Author

Blog Editorial Team
