It's getting harder to distinguish between normal and unusual threat activity, with more sophisticated attacks exacerbated by hybrid work and, soon, AI attacks. Defenders need correlated rather than isolated telemetry to get more signal and less noise, say Jeetu Patel and Tom Gillis of Cisco.
The onslaught of distributed denial-of-service, ransomware, data exfiltration and other attacks on the healthcare sector highlight the importance of optimizing the many sources of threat intelligence available today, says Taylor Lehmann, director of the office of the CISO at Google Cloud.
A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
First-party fraud is all about intent and banks have to determine whether the person carrying out the transaction is doing it intentionally. That's hard to do for a basic binary decision model, says Steve Lenderman, senior vice president/director of global loss prevention and fraud, BM Technologies.
Proofpoint has focused on preventing cyberattacks, but customers have increasingly asked for help with blocking lateral movement from compromised identities, says CEO Ashan Willy. Acquiring Illusive in December will help Proofpoint block identity attack paths when a user is compromised.
The cloud security landscape has long been fragmented, and different vendors attempt to separately address containers, serverless and vulnerabilities, says Wiz CEO Assaf Rappaport. Consolidating detection, vulnerability and misconfiguration data in a single place reduces the noise for clients.
Lacework has debuted an attack path analysis tool to help organizations understand the havoc specific threats could wreak within their cloud infrastructure, says CEO Jay Parikh. The company helps customers prioritize which risk elements inside their infrastructure should be addressed first.
The Identity Theft Resource Center's 2022 Annual Data Breach Report reveals a near-record number of compromises - the second-highest number in 17 years. ITRC COO James Lee worries that a sudden lack of transparency in breach notices is creating more risk for consumers.
Ukraine traced a cyberattack that delayed a press briefing by the nation's information protection agency Tuesday to Russian Sandworm hackers. The group, which is accused of using wiper malware to disrupt the Ukrainian national Media Center, has close ties to the Russian GRU, investigators say.
BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, CEO Jim Rosenthal says. Existing supply chain tools tend to generate lots of risk information but then put the burden on the client to interact with suppliers.
Essential reading for network defenders: CircleCI's report into its recent breach, which began when malware infected an engineer's laptop. After stealing "a valid, 2FA-backed" single sign-on session cookie, attackers stole customers' secrets and gained unauthorized access to third-party systems.
Identity and access management company Okta revealed that its private GitHub repositories were accessed earlier in the month, resulting in the theft of its source code in its Workforce Identity Cloud code repositories. "No customer data was impacted," Okta says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.