Breach Force: As Threats Grow, Cybersecurity Teams are Not Keeping Pace with Innovations
Cloud solutions and Internet of Things initiatives have added further complexity and scale by expanding the attack surface, triggering even more alerts and investigations.
In a new episode of "Breach Force", cybersecurity teams are having trouble keeping pace with the innovations, McAfee helps users "Shift Left" with security, and Proofpoint's domain fraud report found millions of "active" bogus domains.
In our lead story, McAfee has updated its MVISION Cloud for AWS to help customers "Shift Left" with security and preemptively improve compliance and reduce risk within their cloud infrastructure.
With MVISION Cloud, security is pushed earlier into the DevOps process so that security professionals can catch risky configurations before they become a threat in production. This gives organizations the ability to confidently deploy applications in the cloud with greater speed and efficiency.
Check out "Breach Force" on YouTube (https://youtu.be/
With the new features in McAfee MVISION Cloud for AWS, security groups can integrate natively into DevOps processes and toolsets to discover security issues before systems are deployed, accelerating business in the cloud.
According to the McAfee Cloud Adoption and Risk Report, enterprise organizations have an average of 14 misconfigured IaaS/PaaS instances running at any time, resulting in over 2,269 individual misconfiguration incidents per month. Most IaaS and PaaS configuration audit tools focus on evaluating the risk of resources that are already live. But scanning systems only once they are live leaves any misconfiguration exposed until it is discovered and remediated. These issues are then recreated every time the suspect templates are used to provision more systems, resulting in a proliferation of real risk across potentially large numbers of live systems. The problem is then repeated across the many development teams in the organization.
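The template-level check described above can be illustrated with a small pre-deployment scanner for CloudFormation templates. This is an added example, not McAfee's code or a description of how MVISION Cloud works; the template, resource names and the three rules are constructed for illustration, and only literal property values are evaluated.

```python
import json

# Constructed CloudFormation template: sample input, not from a real project.
TEMPLATE = json.loads("""
{"Resources": {
  "WebSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "web tier",
    "SecurityGroupIngress": [
      {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
      {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}]}},
  "LogBucket": {"Type": "AWS::S3::Bucket", "Properties": {"AccessControl": "PublicRead"}},
  "AppDb": {"Type": "AWS::RDS::DBInstance", "Properties": {"PubliclyAccessible": false}}
}}
""")

ADMIN_PORTS = (22, 3389)            # SSH and RDP
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}  # any IPv4 / any IPv6 source

def open_admin_ports(rule):
    """Admin ports an ingress rule exposes to the whole internet (literal values only)."""
    cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
    if not isinstance(cidr, str) or cidr not in OPEN_CIDRS:
        return []
    if str(rule.get("IpProtocol")) == "-1":   # -1 means all protocols and ports
        return list(ADMIN_PORTS)
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    if not isinstance(lo, int) or not isinstance(hi, int):
        return []                              # intrinsic functions are not resolved here
    return [p for p in ADMIN_PORTS if lo <= p <= hi]

def scan_template(template):
    """Return (resource name, finding) pairs for risky settings in a template."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        rtype, props = res.get("Type"), res.get("Properties", {})
        if rtype == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                ports = open_admin_ports(rule)
                if ports:
                    findings.append((name, f"admin ports {ports} open to the internet"))
        elif rtype == "AWS::S3::Bucket" and props.get("AccessControl") in ("PublicRead", "PublicReadWrite"):
            findings.append((name, "bucket ACL grants public access"))
        elif rtype == "AWS::RDS::DBInstance" and props.get("PubliclyAccessible") is True:
            findings.append((name, "database is publicly accessible"))
    return findings

if __name__ == "__main__":
    for resource, finding in scan_template(TEMPLATE):
        print(f"{resource}: {finding}")   # a CI job would fail the build on any finding
```

Run as a pipeline step, a non-empty result blocks the template before any system is provisioned from it, so the fix is made once at the source.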
"Resolving issues at the template level as part of a security practice integrated into the DevOps process removes the risk of systems running with unresolved misconfigurations, reduces the workload of infrastructure teams by employing a fix once at the source and gives security teams the ability to enact and evaluate security policies from one central location," said Rajiv Gupta, SVP at McAfee.
Meanwhile, due primarily to a reactive cybersecurity marketplace, many cybersecurity operations are challenged with transforming their approaches to keep pace with the innovations that are being applied to continuously evolving business models.
Typical, traditional, non-integrated Security Operations Centers are not designed to address the dynamic nature of today's businesses, the accelerating volume of alerts per hour, or the thousands of raw events per second coming from monitoring and detection products. Solving these operational concerns requires a shift in thinking that focuses on the root cause of the problem rather than reacting to the symptoms.
In fact, although the IT industry is one of the fastest-growing industries in the world, issues such as privacy risks and regulatory compliance add to the challenges facing companies in the IT industry.
Owing to such challenges, IT companies are under pressure to redefine their risk management processes and overcome data security challenges. This is where IT companies realize the importance of leveraging risk assessment solutions. By leveraging them, IT companies can identify and address potential risks to minimize their negative impact on the company.
What are some of the risks? Proofpoint recently cautioned organizations to "protect their domains and safeguard their brand, customers, and employees."
The company recently released data collected from its Active Domains Database, which contains over 350 million domains and represents virtually all domains on the web.
The growth of fraudulent domains corresponds to the growth of the overall domain landscape. Last year, registrations of fraudulent domains grew by 11%. Nearly all fraudulent domains detected by Proofpoint remain active and positioned for attack, with more than 90 percent associated with a live server.
Of these fraudulent domains, more than 15% have Mail Exchanger (MX) records, indicating that they send and/or receive email. One in four also have security certificates – far more than appear in the aggregate domain landscape – which many internet users mistakenly equate with legitimacy and security.
"Similar to many of today's top attack methods, domain fraud targets individuals rather than infrastructure by using social engineering to trick users into believing the domains they are accessing are legitimate,"
Meanwhile, as technology continues to evolve and cyber threats increase in volume and sophistication, community banks and credit union chief executive officers must focus on a number of IT areas to ensure their institutions are compliant and secure.
In today's threat landscape, cybersecurity is a constant and critical endeavor for community banks and credit unions that must be managed effectively.
Five key IT areas CEOs must focus on to ensure their financial institutions are adequately prepared to recover from major cyber events include cybersecurity assessment tools, overall cybersecurity hygiene, email threats/security, security layers, access control and the cloud.
"Breach Force" is produced by TVP, and sponsored by RestonLogic, cloud wizards leveraging over 10 years' experience helping companies automate, transform and build highly-secure and stable systems.