Companies Have Started Focusing on Cyber-Risk Mitigation Strategies
Ray Kafity, the Vice President for Middle East, Turkey, and Africa (META) at Attivo Networks, speaks about data security and compliance
How has the need for data security and compliance changed over the past year?
Over the past year, the importance of data and network security has risen throughout various verticals, whether in governmental, non-profit, or for-profit organizations. These entities must protect personal information and confidential data, and that requires better in-network detection of attacker activities.
In addition, the increased reliance on cloud storage, online work collaboration solutions, and other network services, brought on by the shift towards remote working and learning environments following the pandemic, has heavily driven cybercriminals to abuse companies' vulnerabilities and caused data breaches. These trends, therefore, highlight the need for improved data security measures, especially those related to detecting attacker misuse of credentials, privilege escalation, and lateral movement.
As compliance requirements and security challenges evolve, companies have turned to cybersecurity platforms focusing on cyber-risk mitigation strategies aligned with several well-known security frameworks.
What are the best-practice standards and frameworks that can help companies achieve and maintain data security and compliance?
To assure that organisations achieve and maintain data security and compliance, companies and IT leaders have advocated for combining cyber hygiene and information sharing since the late '90s. However, they have deemed these methods alone as insufficient since better detection capabilities must accompany them. Nevertheless, only by grouping these three essential factors can IT leaders make real and positive changes to keep personal data secure.
This year has been a turbulent one in terms of data security. With several data breaches headlining in the news, companies should no longer trust software providers without establishing an "assumption of breach" security posture through more effective detection tools. Companies seeking to minimize breach impacts should implement Identity First security as an essential best-practice standard rather than patching vulnerabilities when they arise. This strategy denies access to data through personalized and limited data access control.
Additionally, using guidelines provided under MITRE ATT&CK and Shield can help organisations understand the coverage of their security controls and where there are gaps. These tools have been particularly helpful in showing security teams coverage risks related to attacker lateral movement and privilege escalation. Of notable mention are the risks associated with Active Directory, which is intrinsically insecure, underprotected, and can have extreme consequences if exploited. Such approaches limit potential insider threats that can cost companies very significant losses, with the Middle East facing losses of over 11 million dollars annually.
Many countries have passed their own version of data protection laws recently. How does your company help its clients with securing their data and staying compliant?
The Attivo Networks ThreatDefend platform helps clients secure data and stay compliant. While deception technology is the ideal solution for in-network threat detection, less familiar is its ability to meet guidance according to the ISO/IEC 27000 Family of Standards. After an in-depth evaluation of the capabilities of ThreatDefend concerning ISO/IEC 27001 and 27002, Attivo concluded that the solution provides the needed abilities to meet the standard and the policy objectives.
The ThreatDefend platform allows the detection of potential credential theft, privilege escalation, and lateral movement. It also records and reports these movements to prove that the company is well equipped to detect and react to threats. Therefore, these records can demonstrate both company and supplier compliance through extensive reports of how the organization has mitigated the risk caused by the threat.