
Evolving threat landscape top priority for security and risk leaders

The evolving threat landscape was ranked as the top driver impacting the information security organisation during the next three to five years, according to a recent survey by Gartner.

“External risk is top of mind for security and risk management leaders in 2020, yet COVID-19 has proved how rapidly and how drastically such risks can change,” says Jonathan Care, senior research director at Gartner. 

“Bad actors are always looking to take advantage of worldwide events, such as the pandemic, to exploit new vulnerabilities and circumvent even the most advanced security controls,” he says.

COVID-19 Highlights New Threat Vectors

As organisations worldwide moved to remote work spurred by COVID-19, the number of exposed remote desktop protocol (RDP) and virtual private network (VPN) services increased, and the widespread reliance on digital meeting solutions created new threat vectors, Gartner says. 
Security teams also had to develop new protocols for remote endpoint management and patching.

“Before the pandemic, most enterprises designed their risk appetites around the assumption that remote working was the exception, rather than the norm,” says Care. 
“When that scenario was flipped, risks such as always-on VPNs and bring-your-own-device, which were previously a lower priority for security leaders, suddenly became top of mind,” he explains.
“This forced security teams to rapidly reassess their enterprise’s risk landscape and deploy new solutions and policies accordingly.”

Threat actors took advantage of the urgency and chaotic nature of the changes in working environments to leverage new tactics. Gartner has observed an increase in reports of coronavirus-related business email compromise (BEC) and phishing scams, including SMS phishing (“smishing”) and credential theft attacks.

COVID-19 also led to increased nation-state activity from advanced persistent threat (APT) groups targeting healthcare and essential services. These actors are using scan and exploit techniques, as well as password spraying that attempts to take advantage of unpatched vulnerabilities, to obtain bulk personal information, intellectual property, and national intelligence.

Deploy Agile Security Solutions to Adjust to Changing Threats

In response to the dynamic nature of the immediate threat landscape, Gartner recommends that organisations invest in security solutions that are agile enough to evolve alongside it.

“Many organisations waste time on legacy security technologies that have lost efficacy, or they continue to needlessly tune effective controls,” says Care. 
“Rather than trying to anticipate and block all possible threats, invest in solutions with detect and respond capabilities, which can assist with unknown threats and improve response efficacy when prevention fails.”

Gartner predicts that by the end of 2023, more than 50% of enterprises will have replaced older antivirus products with combined endpoint protection platforms (EPP) and endpoint detection and response (EDR) solutions that supplement prevention with detection and response capabilities.
Extended detection and response (XDR) capabilities are also emerging to improve detection accuracy and security productivity.

Security and risk leaders can use a continuous and adaptive risk and trust assessment (CARTA) strategic mindset to evaluate vendor products and determine how they can build up more adaptive defenses by applying the concepts of prediction, prevention, detection and response.
