Proactivity and Speed Have Become Essential Components of Cybersecurity
Fundamentally, there are two major reasons why enterprises get breached despite ever-increasing cybersecurity budgets. They are typically related to insufficient proactive, intelligent threat analysis and to addressing advanced malware too slowly as it enters an enterprise computer system or network.
Companies can take up to four months to address critical vulnerabilities and, on average, more than 200 days to detect a data breach. This gives hackers ample opportunity to launch a successful assault and wreak financial and reputational damage. The second reason is that most enterprises, lacking sufficient security staff, don’t sufficiently appreciate what really does and does not work in cybersecurity, nor the traits that characterize competent and sophisticated hackers.
Good hackers are patient and studious. If they believe a company is worth infiltrating, they examine defenses thoroughly for weaknesses before launching an attack.
The cybersecurity challenge is even tougher for security pros working in the financial services sector, in government and in the protection of critical infrastructure, where extremely sophisticated and generously funded nation-state actors are commonly the perpetrators. In these cases, in particular, the defenses necessary to thwart attacks must pore through extensive data and use it to analyze the adversary. With appropriate analytic tools, defenders can understand the pattern of the attack and map it against the files.
A survey by Nuix Black Report of white hat and black hat hackers found that traditional defenses against hacking, such as firewalls and antivirus software, at best slow hackers down. What is more effective is better security analysis at endpoints and, most important, two strategic measures – tailored automated artificial intelligence techniques, and at times the adoption of offensive, as well as defensive, cybersecurity measures…
More basic hygiene steps, of course, are also important to pursue. Here are a few key ones:
- Consider adopting intrusion detection systems. One company that provides such a system is Attivo Networks. Attivo applies deception-based decoy and luring technologies within networks to deceive and misdirect attackers into revealing themselves.