Cybersecurity Cloud & Data

Organizations are looking in the wrong place to fight cyberattacks

Organizations are addressing trending cybersecurity threats while catalogued industry-wide security issues remain unaddressed.

According to a report by cybersecurity firm Cymulate, many organizations are testing for trending threats at the expense of ones they are more likely to experience. Meaning, organizations are actively testing against threats seen in the news, likely from pressure to report on their exposure risk to emergent threats.

Read more: What startups want: Indian startups see benefits from a strong cloud core

The report also says that known and catalogued industry-wide security issues remain unaddressed.A significant number of organizations are not testing against more widely recognized threats such as ProxyNotShell and Emotet that continue to persist and are apt to cause the most harm if not remediated.

It’s understandable that organizations want to protect themselves against the major threats making headlines today. But the findings of the Cybersecurity Effectiveness Report underscore the fact that many attackers aren’t using advanced new strategies—they’re continuing to find success using known tactics

Carolyn Crandall, Chief Security Advocate for Cymulate

Carolyn Crandall, Chief Security Advocate for Cymulate, says, “It’s understandable that organizations want to protect themselves against the major threats making headlines today. But the findings of the Cybersecurity Effectiveness Report underscore the fact that many attackers aren’t using advanced new strategies—they’re continuing to find success using known tactics.

“Organizations need to shift their vulnerability management strategies to address these gaps by implementing Attack Surface Management tools for exposure assessment, Breach and Attack Simulation for security control efficacy validation, and Continuous Automated Red Teaming for more frequent penetration testing.”

Another horrifying revelation is that the effectiveness of data protection measures has declinedjumping from 30 to 44 in 2022, the average data exfiltration risk score has worsened considerably. Network and Group Policies have hada positive impact on prevention of data exfiltration, which has driven attackers to resort to alternative exfiltration methods.

Read more: Insider attack: Organizations expect employee churn-driven cyber issues in 2023

David Neuman, senior analyst at TAG Cyber, says, “Organizations must understand their security posture to identify vulnerabilities and protect against cyber threats.”

The report advises that businesses deploy breach and attack simulations, which has had a significant positive impact on cyber resiliency.

Navanwita Bora Sachdev

Navanwita is the editor of The Tech Panda who also frequently publishes stories in news outlets such as The Indian Express, Entrepreneur India, and The Business Standard

Recent Posts

Disrupting Fintech: How product studios are transforming financial services

In the rapidly evolving financial technology landscape, innovative product studios are emerging as powerful catalysts…

2 days ago

Harnessing the power of AI: Preparing today’s workforce for tomorrow’s challenges

In an era defined by rapid technological advancement, Artificial Intelligence (AI) stands as a transformative…

2 days ago

Indian esports makes history at BRICS Esports Championship in Moscow

In a historic moment for Indian esports, Wasfi “YoshiKiller” Bilal secured a silver medal at…

3 days ago

Geek Appeal: New gadgets & apps on the block

The Tech Panda takes a look at recently launched gadgets & apps in the market.…

3 days ago

Ecosystem harkat: India’s Biotech & space tech, early stage tech startups & women entrepreneurs in blockchain

The Tech Panda takes a look at what’s buzzing in the startup ecosystem. The startup…

3 days ago

Harris vs. Trump: Forecasting Bitcoin’s Future in a Post-Election Economy

With just days until the outcome of the U.S. presidential race, Bitcoin enthusiasts across the…

4 days ago