Why Today’s Dynamic Threat Landscape Requires a Multi-Layered Response

  • Blog Editorial Team
  • Managed Security
  • BYOD, ATP, Ransomware, Digital Transformation, Cyber-Attacks, Cyber-Threats, IT-Security

When it comes to Cyber-Security, things were arguably a lot simpler 10 years ago. Organizations were far less exposed online, perimeter-based approaches were effective at keeping the bad guys out, and the attacks themselves were more straightforward. How things have changed today. For example, government figures earlier this year suggested that 43% of UK firms have suffered a security breach or attack in the past 12 months.

The only way to mitigate Cyber-Risk against the backdrop of the modern threat landscape is via multi-layered protection.

A Complex Landscape

Today’s organizations are saturated with complexity. Hybrid cloud environments, Virtual Desktop Infrastructures (VDIs), an explosion in Bring Your Own Device (BYOD), mobile and Internet of Things (IoT) endpoints have all expanded the attack surface so that the traditional perimeter is effectively dead. Digital Transformation means business is built on data.

But there’s so much of it, and so many avenues to steal it that it becomes a huge challenge to secure. In addition, companies also need to ensure the resilience and reliability of data-driven services in the face of escalating ransomware threats.

In the first half of 2018 alone Trend Micro blocked over 20.4 billion threats for its customers and partners. That included a 93% year-on-year rise in ransomware.

But that’s only half the picture. Attackers have become smarter over the past few years. The days of threats using a single attack vector have long gone. Cyber-criminals are increasingly using multiple techniques in a single campaign, often requiring little or no human intervention.

Attacks are automated and highly effective, relying on exploits for known vulnerabilities that organizations have left unpatched. Everything the budding hacker needs to launch such an attack is readily available on the Cyber-Crime underground.

One notorious recent example is NotPetya, the destructive ‘ransomware’ campaign that cost some organizations, like global shipper Maersk and FedEx, hundreds of millions. In this instance the attacker used a weaponised document with the publicly available SMB exploits EternalBlue and EternalRomance.

However, they also leveraged the mimikatz post-exploitation tool so that NotPetya self-propagated like a worm and spread to other connected networks. It ended up spreading in this way around the globe, causing huge financial losses along the way.

Fighting Back

Building a cyber-security response to this kind of offensive and viral capability can seem like a daunting task. IT-Security managers must protect the organization against modern multi-vector attacks, while also responding to the more “commodity” threats like Conficker which continue to linger online.

Further, attackers are developing their tools with every passing day – it’s only a matter of time before they unleash machine learning techniques to help bypass defenses and improve phishing authenticity.

So what can we do? The sheer breadth of techniques at the disposal of black hat hackers means security leaders must start building up multiple layers of threat defense.

Cross-generational approaches, such as Trend Micro’s XGen, are optimized so that the right solution is used to tackle the right threat at the right time. Management must be centralized and each piece of the puzzle must communicate with the others to maximize protection.

What's in It for You?

Some of those key pieces include:

  • Virtual patching: delivers vulnerability shielding in critical environments until a patch can be deployed.
  • Anti-malware: to protect against commodity and advanced malware.
  • URL check: ensures users don’t visit harmful websites.
  • Intrusion Prevention System (IPS): detects and stops network-based attacks.
  • File integrity and monitoring: can provide alerts on suspicious behaviour that could indicate the early stages of an attack.

Final Thoughts

There’s no such thing as a single bullet to deal with the multiplicity of threats facing organizations today — especially not in complex mixed environments like physical, virtual, or hybrid cloud.

That’s why SoftwareONE and Trend Micro offer the broadest range of threat protection techniques possible to protect the modern enterprise.

  • Tuesday 16 October 2018

Author

SoftwareONE Blog Team

Blog Editorial Team Trend Scouts

IT Trends and industry-relevant Novelties
