This year has seen several significant shifts within the security space. World events have left tensions high. This has been a stress test for many security systems as bad actors take advantage of any cracks that have formed. In this episode, Dave Trader, Field CISO at Presidio, and Dan Lohrmann, Field Chief Information Security Officer, share their insights into how the recent conflicts abroad have shaped global cybersecurity.
Join us as we discuss
- Zero-trust authentication systems
- An uptick in malicious DDoS events
- Possible effects of an incoming recession
Achieving better security with a shift to zero-trust
Multifactor authentication once offered increased security in the digital world. As systems trusted users with verification beyond passwords, attackers faced greater difficulty when breaching a network.
However, as the workforce became more distributed, remote and hybrid work increased, and malicious actors became more agile, the trust-but-verify authentication became obsolete. In fact, a vast majority of all cyber attacks include misused networks or credentials.
As passwords are slowly replaced, a new and improved authentication framework is taking the spotlight. Zero-trust architecture requires continuous monitoring and validation that users are authorized to access networks, organization assets, and cloud assets. By monitoring activity and access validity in real-time, zero-trust promises increased security and reaction time in case of a breach or attack.
According to Dave Trader, zero-trust offers solutions to the increasing intelligence of cyber attackers.
He says, “You must be able to dial in on connections and understand what’s happening. You must be able to scrutinize a connection and find who a user is, what they are after, and why. When that connection acts out of character, we need to be able to identify that quickly.”
If every organization embraced zero-trust architecture, security measures would not eradicate cyber-attacks. However, the attack surface exposed to malicious actors would be greatly decreased, therefore eliminating copious attacks that utilized misused credentials.
The rise in DDoS attacks is not likely to slow
The first six months of 2022 saw a 203% climb in DDoS attacks compared to the same timespan in 2021. There have been 60% more DDoS attacks in the first two quarters of this year than in the entirety of 2021. These breaches are often related to hacktivism, where attacks target networks with politically and socially-driven purposes.
The rising instances of DDoS attacks can be loosely correlated with the increased number of significant world events over the past two years. However, according to Dave Trader, the uptick in DDoS attacks will likely continue to rise throughout the year’s final quarter, regardless of future events.
Fortunately, there are many steps you can take to protect your organization from these relatively simple attackers.
To protect yourself against the majority of DDoS attacks, you should consider:
- Investing in a quality DNS security provider
- Research SSL certificates and assess what’s right for you
- Be mindful of political and social stances and statements
- Add communication to your risk analysis and be prepared
Fortunately, despite the rise in attacks, DDoS can be relatively simple to thwart if your organization is prepared. However, if you’re unprepared, these attacks can be detrimental.
The consolidated future of the cyber industry
With a looming possibility of a recession, there are endless predictions for the state of the cyber industry.
According to Dave Trader, the industry will experience consolidation. While this may mean there are mergers and acquisitions in the future for many companies, consolidation may be more beneficial in the long run.
Dave says, “There’s a lot of noise in the cyber industry, but there are a lot of really great emerging solutions coming through. The trick is putting the right platforms in place and ensuring all these platforms contribute to protection.”
According to Dave, this consolidation needs to happen and will occur regardless of a recession. But, a recession would likely speed the process.
As a CISO or someone with intentions of protecting an organization with cyber security, ensuring maximum protection with minor confusion is ideal. Consolidation allows for more accessible communication and fewer breaches with a focused approach. Business leaders must do what they can to protect their organizations. Rather than partnering with several cyber security companies and services, it may be beneficial to orchestrate relationships with just a few strategic partnerships.
While 2022 has seen many shifts in cyber security and attacks, there are still many more to come. So as the year shifts into the final quarter, organizations must keep an eye on predictions to best protect themselves, their customers, and their assets.
To hear this interview and many more like it, subscribe on Apple Podcasts, Spotify, or our website or search for The Digital Decode wherever you get your podcasts.