In many cases, zero-day vulnerabilities are
patched, fixed or otherwise mitigated before
attacks can cause serious damage. Unfortunately,
the inverse is also true. In 2019, SonicWall
recorded and analyzed the top 10 CVEs that
were exploited “in the wild.
New Exploit Kits Emerging
With of various cyber-criminal gang
members, some exploit kits (EK) have emerged to
replace older variants. But even the new EKs still
utilize fairly old Internet Explorer and Adobe Flash
vulnerabilities. Like their predecessors, they also are
mainly distributed via “drive-by-download” and
malvertizing campaigns.
THERE IS AN EXPLOSION OF EXPOSURE POINTS.
Citing the rapid emergence of IoT across multiple industries, Gartner states 5.8 billion
endpoints will be in use in 2020. Predictions forecast up to over a trillion programmable endpoints over the next two decades.
WE’RE FACING A CYBERSECURITY BUSINESS GAP.
Risk escalates with the explosion of exposure points
and remote/mobile workers
Cost grows increasingly prohibitive and the shortage
of trained personnel becomes more acute
Constrained resources simply can’t keep up
SOLUTIONS:
Connect and secure a boundless workforce
across all environments to eliminate blind spots
Gain a unified view of risk, including prioritization
and control across your entire organization and
multiple generations of IT infrastructure
Increase visibility and control over dispersed
remote, mobile and work-at-home employee
systems and traffic
See how the experts at CisCom can help you with this and more!
Blog content for the Boundless Cyber-security series provided by our partners at SonicWall.
Security Costs continue to rise - And skilled staff is harder to find
While no surprise, the cost of cyber-security continues to rise. Gartner notes an 8.7% year-over-year increase in IT security spending last year. Most importantly many organizations plan on increasing the size of their departments, a growing number of those face challenges with inadequate security budget to fill those slots.
"Your organization may have no idea of what’s being missed."
Across all threat vectors, the array of threat types are also expanding, deepening and getting smarter. Never-before-seen variants are up 145% year-over-year. Organizations are seeing a 60% change in types of threats and 45% increase in the number and frequency of threats.
The modern organization exists in an increasingly complex and globally
connected world. Cyber-security technology is both an enabler and
inhibitor as organizations adapt to this rapidly changing environment.
As security technologies and the cyber threats evolve, a new cyber
arms race has emerged, which places cloud-forward organizations
and their cyber-security solutions in the cross hairs of a growing global
cyber-criminal industry.
Security Layer 11
COMBATS: WIDE-SCALE ATTACKS WITH KNOWN SIGNATURES | MALWARE VIA NON-STANDARD PORTS
Next-generation firewalls (NFGW) are the massive, foreboding walls
that defend your traditional core network. When properly deployed,
next-generation firewalls are tremendously successful at stopping
known cyber attacks.
Layer Security 10
COMBATS: SHADOW IT | mALWARE IN CLOUD APPLICATIONS
Shadow IT is a growing risk for many organizations. Employees often
don’t have ill intentions and just want to complete their work, but
nevertheless they can introduce unverified or untested applications or
services into your network, leaving your organization vulnerable.
Security Layer 9
COMBATS: PROCESSOR THREATS | SIDE-CHANNEL ATTACKS
The most disturbing vulnerabilities — and potentially future attack
vectors — are occurring at the processor level. Advanced side-channel
threats, like MDS, Spoiler, Spectre, Meltdown, Foreshadow and
PortSmash, are shifting the cyber war to an entirely new arena, which
is extremely difficult to monitor or patch.