Page 58 - FCW, November/December 2019

SMI Solutions Brief
Cybersecurity Inside Out
As perimeter defenses weaken and internal threats expand, custom security solutions emerge.
Traditional cybersecurity tools – firewalls, intrusion detection, etc. – are inadequate against advanced cyberattacks, compelling cybersecurity experts to deploy nimbler solutions capable of discovering and tracking threats, including those that originate internally.
Mark Erbach, strategic development manager for CDW•G, says nearly half of the respondents to “The Cybersecurity Insight Report” have experienced a security breach within the past year, and many customers feel ill-prepared to meet those challenges. “IT groups lack confidence that they have the right technology and/or resources in place to ensure they can address the threats they face,” Erbach says.
Just as strong, inflexible perimeter walls effectively blunted the straight-ahead attacks of an earlier era, thwarting the cyber assaults of more sophisticated and adaptable malware requires flexible, sophisticated solutions that can be tailored to the characteristics of organizations. Often, a customized approach is more effective than a one-size-fits-all solution.
Growing Sophistication
HiddenWasp, a recently discovered malware, illustrates the sophistication of modern threats. The malware targets Linux systems infected in an earlier attack. HiddenWasp downloads and executes code to upload files or perform other actions. At the time of its discovery in May, it had not been detected by any of the 59 anti-virus engines tracked by the VirusTotal malware service.
“When a critical vulnerability is exploited, organizations can suffer major IT system outages that impact critical operations,” says Bob Rossi, CDW’s vice president of networking, digital workspace and security solutions.
The exploitation of vulnerabilities can expose privileged accounts, both on-premises and in the cloud, identify privileged passwords, SSH keys and password hashes, and allow lateral movement within a network. Without visibility into the scope of privileged accounts and privileged account risks, organizations can face a variety of ongoing challenges, including large attack surfaces, increased risk of compromise and the inability to measure risk properly.
“Privileged accounts provide administrative access to IT systems, public cloud infrastructure, business applications, and sensitive data,” Rossi says. “As a result, these accounts are targeted by advanced insider attackers in the vast majority of cyberattacks. Yet, many organizations are unaware of the volume and location of privileged accounts throughout their IT environments.”
Insider threats are increasing, as well. A 2018 survey by Crowd Research Partners, a market research firm, found that more than 90 percent of respondents felt vulnerable to insider attacks. A majority said they had experienced one or more insider attacks over the previous 12 months. The primary risk factors for such attacks, according to Crowd Research, are too many users with excessive access privileges, a
Ponemon also found that organizations required an average of 73 days to contain an incident, with only 16 percent of cases contained in less than 30 days.