How Understanding Cybersecurity Threats Influences Your Defenses

There are the threats you know of.  Then, there are the threats you should actually be defending against. 

Right now, some people think that these are the big cybersecurity monsters:

  • Distributed denial-of-service (DDoS): your website, server, or network is overwhelmed by a flood of malicious Internet traffic.
  • Brute force: an oldie, but a goodie. These attacks try combinations of usernames and passwords over and over until they find something that works, gaining access to your system.
  • ‘Man in the Middle’: a malicious actor secretly relays and/or alters communications between parties who think they are communicating directly with each other.
  • Worms, trojans, and other command-and-control attacks: all the various kinds of malware that can damage, disrupt, or steal data from your networks.

Are these dangerous? Sure. They’re not to be taken lightly. Yet, these are just the old veterans of cyberthreats. New, stronger soldiers that adapt more readily to your defenses have taken to the field.

Prevention technology was architected to fight these older kinds of attacks, not the new ones. Just as the threat has evolved, so must our cybersecurity postures. Anti-virus and a firewall are no longer sufficient. To combat these new Big Bads, cyber defenders have pivoted to a strategy predicated on detection and response.

What Are These New Threats?

First, let’s talk about the cloud.  While moving to the cloud might protect you from the “old guard” threats, you’re ignoring the new ones you open yourself up to.

You can’t rely on merely constraining your Active Directory users and assuming that protects your systems. We all know that most people reuse passwords across multiple apps and that few have bothered with two-factor or other multi-factor authentication. And let’s not even talk about all the passwords scribbled on sticky notes hanging (Read more...)

*** This is a Security Bloggers Network syndicated blog from IntelliGO MDR Blog authored by Adam Mansour. Read the original post at: