It’s a futuristic cybersecurity threat landscape out there – one that sometimes feels like it’s ripped from the pages of a science fiction thriller. State actors and government-sized interests are finding more sophisticated ways of delivering targeted cyberattacks. Highly funded cyber-outlaws are delivering polymorphic malware that permeates enterprise defenses, establishes a foothold and transmits data back to the criminal mothership. The security industry is working overtime to create advanced malware sandboxing and endpoint detection and response (EDR) solutions to keep pace, but the attackers always seem to be one step ahead.
This sort of thing is going on. Networks and applications are compromised this way. Sometimes.
The truth is, though, that it’s not how most – or even how many – cyberattacks take place. Most of the instances of catastrophic hacks we hear about don’t come from rogue states with limitless resources. Rather, they’re coming from average criminals with average resources. Whether they’re mere mischief makers, low-level extortionists or affiliates of one organized crime syndicate or another, they don’t have a spare billion in bitcoin to throw at your firewall.
So why are they still getting in? The answer is simple.
Run-of-the-mill cybercriminals look for run-of-the-mill ways onto a network, system or application. They want the most bang for their buck. And while there’s a tendency for businesses to focus on the thrilling, frightening, bleeding edge of cybersecurity, most successful hacks happen because of a failure to implement the cybersecurity basics. Best practices for securing networks and applications – some of which have been standard for decades – are not followed, making it easy for a cybercriminal to get what they’re looking for without expending too much effort.
It’s no exaggeration to say that failing to manage the cybersecurity basics is leaving businesses vulnerable – understanding how and why this is the case can help both IT pros and the businesses they support take critical steps that tend to get missed.
More Info: what jobs can i get with a+ certification
This sort of thing is going on. Networks and applications are compromised this way. Sometimes.
The truth is, though, that it’s not how most – or even how many – cyberattacks take place. Most of the instances of catastrophic hacks we hear about don’t come from rogue states with limitless resources. Rather, they’re coming from average criminals with average resources. Whether they’re mere mischief makers, low-level extortionists or affiliates of one organized crime syndicate or another, they don’t have a spare billion in bitcoin to throw at your firewall.
So why are they still getting in? The answer is simple.
Run-of-the-mill cybercriminals look for run-of-the-mill ways onto a network, system or application. They want the most bang for their buck. And while there’s a tendency for businesses to focus on the thrilling, frightening, bleeding edge of cybersecurity, most successful hacks happen because of a failure to implement the cybersecurity basics. Best practices for securing networks and applications – some of which have been standard for decades – are not followed, making it easy for a cybercriminal to get what they’re looking for without expending too much effort.
It’s no exaggeration to say that failing to manage the cybersecurity basics is leaving businesses vulnerable – understanding how and why this is the case can help both IT pros and the businesses they support take critical steps that tend to get missed.
More Info: what jobs can i get with a+ certification
No comments:
Post a Comment