Responding to the Evolution of Cyberattacks

December 28, 2016 Arctic Wolf Networks

As long as hackers have something to gain from cybercrime, they’ll continue finding new ways to breach organizations. It doesn’t help that as businesses implement new forms of technology into their arsenal of productivity tools, they also create more attack vectors – each new application and endpoint is a target for cybercriminals.

In the past few years, the proliferation of mobile devices in the office, bring-your-own-device policies, industrial internet-of-things endpoints, web-based applications and so many other forms of digital transformation have been met with cyberthreats that are tailor-made to exploit them.

The important question, and the one we explore in this blog post, is: how are businesses responding to these threats?

‘A shortcut to the money’

First, it’s worth underscoring an extremely important component of modern cybercrime, which is that it doesn’t beat around the bush. As Michael Kaiser, executive director of the National Cyber Security Alliance (NCSA), put it during a roundtable discussion hosted by SC Magazine, the evolution of cybercrime is “a shortcut to the money.”

Nowhere has this been more apparent than in the meteoric rise of ransomware, which will soon become a billion-dollar illicit industry, according to the FBI. There are several reasons underlying ransomware’s efficacy, but two are particularly worth noting:

  1. The rising sophistication of social engineering schemes has made it easier to infect a target.
  2. Once infected, businesses have very few options for swift remediation.

Historically, the best way to make money on cybercrime was to steal personally identifiable information and then try to sell it on the dark web. This year, we saw a direct $81 million virtual bank heist. Meanwhile, business email compromise (BEC) schemes have cost companies millions of dollars. Hackers simply pose as an executive in an email, request that certain funds get moved around, and the next thing a business knows, tens of thousands of dollars have vanished into thin air.

Protecting your assets from cyberthreat-induced risk

On top of ransomware, BEC and phishing schemes, businesses also have to contend with insider threats, lost or stolen mobile devices, Internet-of-Things DDoS attacks and a bevy of other risks. And because digitization has played a pivotal role in streamlining productivity, improving collaboration and creating new revenue streams, risk avoidance (not playing the game, so to speak) really isn’t an option anymore. Digital transformation, and all the dangers that come with it, are inevitable realities for businesses that want to be successful.

The solution now is to take a risk-based approach to managing cybersecurity. This entails understanding your organization’s unique vulnerabilities, and knowing the most effective way to address them. Equally important, businesses need to ensure that they have an incident response plan in place for the various types of cyberattacks that may impact their bottom line or reputation.

Granted, keeping cybersecurity in house means having to manage a SIEM 24/7/365, which is far too expensive for small and medium-sized businesses. The alternative, outsourcing everything to an MSSP, makes it difficult to know for sure if you’re adequately managing cyberthreat-induced risk for your business.

It’s this very dilemma that has led to a service known as managed detection and response (MDR). As implied by the name, MDR is a managed service that offers businesses an affordable way to improve cyberthreat detection and incident response. MDR achieves this by supplying clients with a security operations center that tracks threats in real time, reports that provide an end-to-end outline of a threat’s lifecycle, solutions for improving cybersecurity, and recommendations for responding to intrusions to mitigate losses.
