Modern thinking is needed to counter modern security threats

By

Evolving threats, detection lag, prevention focus - shift to resilient, proactive mindset.

Modern attackers use a variety of tools and techniques to overcome defences to steal data, execute ransomware attacks and cause damage and disruption to their targets. And while defenders continue to use many different tactics and tools to block malicious activity, the number and impact of successful cyberattacks continues to grow.


So, given the resources targeted at thwarting cybercrime, why is this problem still not solved?

Dave Shephard, the Vice President for Asia Pacific and Japan at Illumio, says our prevention first approach needs to change.

“We're in an era where people accept that perfect prevention isn't possible. Whilst prevention controls have done a lot for us, compromise is inevitable, and detection often lags. Attackers can move freely in a network before they’re identified. Breach containment and lateral movement are the problems we're trying to solve.”

Reports suggest at least a quarter of cyber-attacks rely on lateral movement. That means coming at the problem with a new mindset. Shephard says you need to think about how to make your business resilient from the inside out, not just from the outside in.

“A zero trust or assume breach mindset are the right mindset for a modern security professional. If you’re prepared to think differently, then you’re prepared to act differently. The technologies and the tools of yesterday aren't going to save you from the threats of today and tomorrow,” he says.

Transitioning from an end-point prevention strategy to a zero trust or assume breach mindset can seem challenging. But Shephard says starting with an assessment where you understand not just what systems connect with each other, but which can connect with each other is key.

“Understanding how communication could occur will help you to frame the blast radius and understand or calculate the impact of a breach,” he adds.

Shephard says this will enable the organisation to identify some quick wins that can be implemented that will deliver instant reductions in risk levels. They key, he says, is to get started and not wait for a perfect plan.

“Don't let perfect be the enemy of good. Get started, be prepared to iterate and use your partners to help you along the way”, says Shephard.

Access the full iTnews State of Security report: Here

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
dataillumiopartner contentsecuritystate of security

Sponsored Whitepapers

The Healthcare CISO’s Guide to Medical IoT Security
The Healthcare CISO’s Guide to Medical IoT Security
The Enterprise Buyer's Guide to IoT Security. 5 Must-Haves for Comprehensive Zero Trust IoT Security
The Enterprise Buyer's Guide to IoT Security. 5 Must-Haves for Comprehensive Zero Trust IoT Security
How to reach the ‘Holy Grail’ of security and performance with SASE
How to reach the ‘Holy Grail’ of security and performance with SASE
Unveiling the Invisible Threat: Mastering the Art of Conveying Cyber Risks to Boards
Unveiling the Invisible Threat: Mastering the Art of Conveying Cyber Risks to Boards
Transforming Your Business
Transforming Your Business

Events

Most Read Articles

Australian organisations lack the 'data smartness' which could help them reduce emissions, improve productivity

Australian organisations lack the 'data smartness' which could help them reduce emissions, improve productivity
Robust identity management bolsters security and boosts revenues in higher education

Robust identity management bolsters security and boosts revenues in higher education
The rise of the cloud-conscious adversary

The rise of the cloud-conscious adversary
Securing your endpoints is critical for defence in depth

Securing your endpoints is critical for defence in depth

Digital Nation

Health tech startup Kismet raises $4m in pre-seed funding
Health tech startup Kismet raises $4m in pre-seed funding
How eBay uses interaction analytics to improve CX
How eBay uses interaction analytics to improve CX
COVER STORY: What AI regulation might look like in Australia
COVER STORY: What AI regulation might look like in Australia
State of Security 2023
State of Security 2023
More than half of loyalty members concerned about their data
More than half of loyalty members concerned about their data

Log In

  |  Forgot your password?