HOME
NEWS

Three trends to watch in the growing threat landscape


By VARINDIA - 2023-09-08
Three trends to watch in the growing threat landscape

by Augusto Barros, VP Cyber Security Evangelist at Securonix

 

It’s no secret that the threat landscape is rapidly changing. Securonix Autonomous Threat Sweeper (ATS), for example, observed 1,588 global cyber threats over the past year. With new threats on the horizon daily, industries around the world are scrambling to protect their businesses. The good news is that the cybersecurity industry has been steadily evolving to meet those threats.

With increased threats comes a greater need for advanced security measures. Companies can no longer rely on the achievements of the past, which drives continuous industry innovation. This evolution fuels three key trends emerging within the cybersecurity industry to meet the needs of organisations in the growing threat landscape.

 

Detecting Activity Through Collaboration 

Collaboration might seem like an obvious thing, however, the growth in collaboration throughout the cybersecurity industry has been explosive in both public and private sectors. What was once taboo, is now a growing requirement, with renewed interest in collaboration that cuts across industries and geographies. This development puts a greater emphasis and value on sharing not only threat intelligence but also threat detection content and knowledge to support proactive defense. Public-private partnerships are critical to defending against evolving cyber threats and an ever-expanding attack surface.

 

The production and consumption of threat intelligence is a rapidly growing practice as part of the push toward collaboration. Organizations are now aware that they need the data, but many security systems are still designed to operate in a siloed manner. Technology is moving towards a new reality in which shared information can be used in multiple steps of threat detection and response, from real-time detection to retroactive sweeps of logs, and from inter-organization sharing to intra-group and intra-SOC collaboration.

We now see numerous examples, like when reports emerged about a threat group (named Storm-0558 by Microsoft) accessing email accounts from multiple organizations, including U.S. government agencies. This is an interesting case where we can see how collaboration among technology providers, customers and government can help organizations fight cyber threats. Although steps and artifacts used by threat actors change and evolve over time, efficiently sharing information and data about attacks allows organizations to detect similar activity in their environments.

 

Increase in Insider Threats

The volume of typical cyber threats often eclipses the relevance and importance of insider risk. Insider threats are different in two ways: they are not as frequent as external cyber attacks, but the potential for more impact is much greater.

Some recent cases of cyber espionage, sabotage and even the participation of insiders in major ransomware attacks remind us that security is not only about blocking attacks from the internet, but also monitoring and controlling the use of resources by authorized, internal users.

We are currently witnessing an interesting moment in insider threat defense. Research shows a significant increase in insider threats -- malicious or not -- over pre-pandemic levels. Effectively detecting insider threats requires advanced analytics with robust capabilities, something that is virtually impossible to accomplish with traditional signatures and rules approaches.

We now have a deeper understanding of how to detect insider threats, with programs moving away from DLP solutions based on static content signatures to smarter approaches based on advanced analytics, including promising new AI techniques and algorithms. The buzz around AI now seems easier to justify in this field, as advanced algorithms identify anomalous and potentially malicious behaviour by authorised users.

The Coming of Age in AI and Analytics

The use of advanced analytics in cybersecurity has been growing fast, with new use cases emerging every day. Machine Learning successfully detects malware, phishing, and other simple threats. But as expectations start to align with reality, many have found that we still have too many alerts and false positives. This is where the new wave of analytics will focus on, enabling detection of more than just the "bad things," but providing more meaningful alerts.

The famous correlation promise of the old SIEM will manifest itself in a completely new way, where detection engineers will not be required to identify the connections between multiple events in advance. Now is the time to expand the use of tools like AI to help identify more subtle attacks, link different threat activity streams together and, most importantly, help further weed out false alarms while empowering security analysts and engineers during their investigations to accelerate the confirmation and response to breaches in meaningful ways.

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Zscaler announces AI innovations to its Data Protection Platform
Technology

Zscaler announces AI innovations to its Data Protection Platform

by VARINDIA 2024-05-20
SHIELD to enhance Swiggy’s fraud prevention and detection capabilities
Technology

SHIELD to enhance Swiggy’s fraud prevention and detection capabilities

by VARINDIA 2024-05-20
Axis Communications announces its first thermometric camera designed for Zone/Division 2
Technology

Axis Communications announces its first thermometric camera designed for Zone/Division 2

by VARINDIA 2024-05-20
SOFTWARE
View All
Hitachi Vantara and Veeam announce Global Strategic Alliance
Technology

Hitachi Vantara and Veeam announce Global Strategic Alliance

by VARINDIA 2024-05-16
Adobe launches Acrobat AI Assistant for the Enterprise
Technology

Adobe launches Acrobat AI Assistant for the Enterprise

by VARINDIA 2024-05-11
Oracle Database 23ai offers the power of AI to Enterprise Data and Applications
Technology

Oracle Database 23ai offers the power of AI to Enterprise Data and Applications

by VARINDIA 2024-05-10
START - UP
View All
Data Subject Access Request is an integrated module within ID-REDACT®
Technology

Data Subject Access Request is an integrated module within ID-REDACT®

by VARINDIA 2024-04-30
SiMa.ai Secures $70M Funds from Maverick Capital
Technology

SiMa.ai Secures $70M Funds from Maverick Capital

by VARINDIA 2024-04-05
Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure
Technology

Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure

by VARINDIA 2024-02-08

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
GoDaddy harnesses AI power for new domain name recommendations

GoDaddy harnesses AI power for new domain name recommendations

by VARINDIA
UAE’s du Telecom selects STL as a strategic fibre partner

UAE’s du Telecom selects STL as a strategic fibre partner

by VARINDIA
JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

by VARINDIA
Rapyder partners with AWS to accelerate Generative AI led innovation

Rapyder partners with AWS to accelerate Generative AI led innovation

by VARINDIA
ManageEngine integrates its SIEM solution with Constella Intelligence

ManageEngine integrates its SIEM solution with Constella Intelligence

by VARINDIA
Elastic replaces traditional SIEM game with AI-driven security analytics

Elastic replaces traditional SIEM game with AI-driven security analytics

by VARINDIA
Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

by VARINDIA
Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

by VARINDIA
Dassault Systèmes to accelerate EV charging infrastructure development in India

Dassault Systèmes to accelerate EV charging infrastructure development in India

by VARINDIA
Tech Mahindra and Atento to deliver GenAI powered business transformation services

Tech Mahindra and Atento to deliver GenAI powered business transformation services

by VARINDIA