Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Spring is a good time to do some cleaning; put away winter clothes and ski gear, open windows and let spring breezes clear out the dust that gathered through the winter. But it’s also a good time for IT and cybersecurity teams to “spring clean” their security postures as well. Below we share 10 quick and easy ways to “clean up” your cybersecurity practices and adapt to the security threats we face daily.

April 2020, Zoom was booming. The start of the COVID pandemic forced employees to work from home, meetings in person migrated to a videoconferencing model, and Zoom was the preferred tool. The massive and fast growth led into an opportunity for attackers. A vulnerability in Zoom could allow an attacker to steal a user’s Windows credentials, as long as the target user would click on a link provided through a Zoom session. The question was then how to get into those private sessions.

Threat actors are continuously honing their skills to find new ways to penetrate networks, disrupt business-critical systems and steal confidential data. In the early days of the internet, adversaries used file-based malware to carry out attacks, and it was relatively easy to stop them with signature-based defenses. Modern threat actors have a much wider variety of tactics, techniques and procedures (TTPs) at their disposal.

Endpoint devices played a big part in malware and ransomware attacks in 2021. According to a study covered by Help Net Security, security researchers detected more malware and ransomware endpoint infections in the first nine months of the year than they did for all of 2020. Attack scripts leveraging PowerSploit, Cobalt Strike, and other tools were particularly prevalent in that nine-month period, having grown 10% over the previous year after having already climbed 666% compared to 2019.

In today's ecosystems, a single enterprise can operate multiple internal networks, remote offices with their own local infrastructure, remote and/or mobile individuals and Cloud services. According to the study published by NIST, this level of complexity is too much for legacy network security models that are based on the location of the company infrastructure and there isn’t a single, easily identifiable perimeter for all elements.

Implementing robust defense strategies helps to mitigate the risk of cyberthreats in the early stages of an attack. Threat hunting, as part of this strategy, enables organizations to find those unknown threats that manage to bypass technology-based controls by detecting abnormal behaviors. With a number of challenges associated with executing a defense approach, how are IT leaders approaching this problem? Pulse and WatchGuard surveyed 100 IT leaders to find out.