Cybersecurity Cloud & Data

Organizations are looking in the wrong place to fight cyberattacks

Organizations are addressing trending cybersecurity threats while catalogued industry-wide security issues remain unaddressed.

According to a report by cybersecurity firm Cymulate, many organizations are testing for trending threats at the expense of ones they are more likely to experience. Meaning, organizations are actively testing against threats seen in the news, likely from pressure to report on their exposure risk to emergent threats.

Read more: What startups want: Indian startups see benefits from a strong cloud core

The report also says that known and catalogued industry-wide security issues remain unaddressed.A significant number of organizations are not testing against more widely recognized threats such as ProxyNotShell and Emotet that continue to persist and are apt to cause the most harm if not remediated.

It’s understandable that organizations want to protect themselves against the major threats making headlines today. But the findings of the Cybersecurity Effectiveness Report underscore the fact that many attackers aren’t using advanced new strategies—they’re continuing to find success using known tactics

Carolyn Crandall, Chief Security Advocate for Cymulate

Carolyn Crandall, Chief Security Advocate for Cymulate, says, “It’s understandable that organizations want to protect themselves against the major threats making headlines today. But the findings of the Cybersecurity Effectiveness Report underscore the fact that many attackers aren’t using advanced new strategies—they’re continuing to find success using known tactics.

“Organizations need to shift their vulnerability management strategies to address these gaps by implementing Attack Surface Management tools for exposure assessment, Breach and Attack Simulation for security control efficacy validation, and Continuous Automated Red Teaming for more frequent penetration testing.”

Another horrifying revelation is that the effectiveness of data protection measures has declinedjumping from 30 to 44 in 2022, the average data exfiltration risk score has worsened considerably. Network and Group Policies have hada positive impact on prevention of data exfiltration, which has driven attackers to resort to alternative exfiltration methods.

Read more: Insider attack: Organizations expect employee churn-driven cyber issues in 2023

David Neuman, senior analyst at TAG Cyber, says, “Organizations must understand their security posture to identify vulnerabilities and protect against cyber threats.”

The report advises that businesses deploy breach and attack simulations, which has had a significant positive impact on cyber resiliency.

Navanwita Bora Sachdev

Navanwita is the editor of The Tech Panda who also frequently publishes stories in news outlets such as The Indian Express, Entrepreneur India, and The Business Standard

Recent Posts

Is AI Hitting a Plateau? The Scaling Debate OpenAI Prefers to Avoid

I think OpenAI is not being honest about the diminishing returns of scaling AI with…

8 hours ago

PayalGaming becomes India’s first female gamer to win an international award

S8UL Esports, the Indian esports and gaming content organisation, won the ‘Mobile Organisation of the…

16 hours ago

Funding alert: Tech startups that raked in moolah this month

The Tech Panda takes a look at recent funding events in the tech ecosystem, seeking…

2 days ago

Colgate launches AI-powered personalized dental screenings

Colgate-Palmolive (India) Limited, the oral care brand, launched its Oral Health Movement. The AI-enabled initiative…

2 days ago

The role of ASR in voice bots: Revolutionizing customer interaction through real-time recognition

This fast-paced business world belongs to the forward thinking organisations that prioritise innovation and fully…

3 days ago

Disrupting Fintech: How product studios are transforming financial services

In the rapidly evolving financial technology landscape, innovative product studios are emerging as powerful catalysts…

1 week ago