#GartnerSEC: Understanding a Changing Threat Landscape in Light of #COVID19

Organizations must become agile to respond effectively to the changing threat landscape, particularly in light of the turbulent events of 2020, according to Jonathan Care, senior director analyst at Gartner. He noted: “We’ve seen drastic changes in how we as a society work and play as a result of the COVID-19 pandemic, and bad actors have taken notice.”

In doing so, however, organizations must be careful not to be overly swayed by certain threats that may gain a lot of news coverage but do not necessarily pose the greatest danger. Instead, a “risk-based approach” should be employed that focuses on the fluidity of threats.

Care said: “As threats and organizational risk-pots change over time, we must evolve how we address the threat landscape.” This notion has never been more applicable amid new behaviors brought about by COVID-19. He added: “Threats continue to change and diversify. New business opportunities drive new security requirements that we must address.”

Ransomware is currently the number one threat to organizations, according to Gartner. Care outlined that these attacks have become increasingly sophisticated, including the use of fileless malware that can bypass some preventive controls and attackers adding persistence to keep malware dormant for long periods. Therefore, adequate planning to react quickly to this type of threat is needed, such as being able to detect the type of malware being used and having capabilities to isolate infected systems quickly.

Care also said that due to changing working practices, many organizations are moving away from email as the primary communication method to other collaborative tools. This change is being exploited by attackers. “The low hanging fruit now are cloud services, which are often exposed to the internet and suffer from misconfigurations and can be susceptible to credential stuffing attacks,” he commented.

In regard to phishing, more targeted tactics like spear-phishing and whaling are becoming more prominent; in one example given, deepfake technology was used to successfully impersonate an executive and convince someone to wire money to a hacker’s bank account. Care said that as well as new tools, “attention to the people and processes in use” is crucial to protect against these methods.

Account takeover is another type of threat that has grown this year. One particularly dangerous example is the expanding practice of SIM swapping, enabling criminals to take over a phone number and reset passwords as a result. While multi-factor authentication (MFA) remains the best way of defending against this, Care added that organizations must be aware that “attackers are shifting their tactics to bypass the MFA controls you have in place.”

Care also highlighted the increasing risk of attacks emanating from organizations’ supplier and partner relationships. He gave an example of organizations that enable employees to download and use consumer-grade utilities, which, if compromised, can be used to launch attacks on their systems. “If supply chain is currently not part of your threat environment, then it needs to be on the list of threats that need consideration as you examine those connections and relationships that you have,” he outlined.

Constant monitoring of the threat landscape is therefore critical for organizations to adequately protect themselves. Care concluded: “Understanding the trends and risks allows us to invest in the right equipment to navigate the rough waters ahead.”
