Continuous Automated Penetration and Attack Testing (CAPAT) for COVID-19 Cyber-risk Mitigation

About a month ago, I wrote a blog about how COVID-19 was driving rapid and dynamic changes for CISOs. I followed this up with a second blog, detailing a number of subsequent cybersecurity phases CISOs are now pursuing to assess and mitigate COVID-19-based cyber risks.  

Both blogs describe some fundamental problems. Corporate cybersecurity now extends to home networks filled with insecure IP devices with little or no security protection whatsoever. Meanwhile, hackers are exploiting societal malaise with online scams, rogue websites, and phishing campaigns preying upon COVID-19 paranoia. A recent article in the Washington Post described research from Palo Alto Networks identifying more than 2,000 malicious COVID-19 web domains and another 40,000 it classifies as “high risk.”

Topics: Cybersecurity COVID-19 Tech Effect

Next Steps for Dealing With COVID-19/WFH

Last week, I wrote a blog describing 3 ways that COVID-19 is changing CISO priorities for 2020. COVID-19 drove large-scale work from home (WFH) initiatives where the priority was getting users up and running as quickly as possible. Security leaders were then forced into an unanticipated follow-on sprint to deliver elementary security safeguards for remote employees (i.e., VPNs, endpoint security controls, network security controls, etc.).

Topics: Cybersecurity COVID-19 Tech Effect

Adopting an Identity-centric View of the Perimeter

The notion of a matrix of “anyness” describes how the combination of knowledge worker mobility and the broad use of cloud services has significantly impacted the cybersecurity remit. The recent surge in remote workers has brought this concept to the fore and shown how conducting business on any device from any location at any time accessing any app and any data is the norm. This reality certainly challenges the castle and moat security model, highlighting the need to evolve how we think about the perimeter, to one that contemplates the many aspects of identity.

Topics: Cybersecurity COVID-19 Tech Effect

3 Ways COVID-19 Is Changing CISO Priorities

According to ESG research, 62% of organizations were poised to increase spending on cybersecurity in 2020. Thirty-two percent of survey respondents said they would invest in cybersecurity technologies using AI/ML for threat detection, followed by data security (31%), network security (30%), and cloud application security (27%).

Of course, that was back in the innocent and carefree days before COVID-19. Have things changed?  Yes, and seemingly overnight. Like society at large, the cybersecurity world's priorities, strategies, and tasks have been turned upside down.

Topics: Cybersecurity COVID-19 Tech Effect

Ransomware Still Rampant, Fueled by Insurance Companies

With ransomware a top security concern for most cybersecurity teams, the cost of cybersecurity insurance is making its way into the annual budgeting process for CFOs around the globe. While ransomware is not a new cyber-threat, largely entering the cybersecurity scene in 2016 and 2017 with high-profile attacks, research conducted by ESG reveals that a majority of organizations continued to experience ransomware attacks in 2019, representing a concern for both business and IT leadership.[1]

Topics: Cybersecurity

Toward a Common UI/UX for the SOC (Security Operations Center)

It’s 2020, yet many organizations still depend upon a myriad of disparate point tools for security operations, leading to many challenges. According to ESG research:

  • 35% of cybersecurity professionals say that the biggest challenge associated with managing an assortment of point tools is that it makes security operations complex and time consuming.

Topics: Cybersecurity

RSA 2020: A Review

RSA 2020 had an uninvited guest, COVID-19. Fist bumps replaced handshakes while hand sanitizing stations seemed ubiquitously stationed throughout the Moscone Center. Attendance seemed to be down due to factors like the virus panic and the withdrawal of major players like AT&T, IBM, and Verizon.

While lots of people pulled back, the ESG team was in full attendance. Here are a few of our observations and thoughts on RSA 2020:

Topics: Cybersecurity

RSA Conference 2020 Wrap-up: The Human Perimeter (Includes Video)

With RSA Conference 2020 now in the rearview mirror, my colleague John Grady and I discuss the theme of the conference in this video blog, the human element. After acknowledging the importance of community, we explore how the emergence of software-defined perimeters (SDP) will help secure a variety of user access use cases. We also discuss how the broad adoption of cloud services is necessitating a retooling of identity and access management programs from SSO to MFA, privileged access management, and user activity analytics. We wrap up noting how much we enjoyed seeing so much of our community at our annual ESG Breakfast at RSA Conference event.

Topics: Cybersecurity

Crime Fighting, Protecting the Innocent, and Stopping the Embarrassment of Modern Email Attacks

Introducing ESG’s Modern Email Security Video Series

As part of my ongoing research around modern email security, I am shooting a series of video interviews with leaders from several email security solution providers, talking about the current email threat landscape and strategies to defend against them. My goal is to make these educational, explaining what’s happening on both the attacker side and the defender side.

Topics: Cybersecurity

CISOs Are Finding Ways to Address the Cybersecurity Skills Shortage

As part of the ESG annual IT spending intentions research for 2020, respondents were asked to identify the area where their organizations have a problematic shortage of skills. Cybersecurity topped the list of problematic skills shortage areas, just as it has for the past 9 years.

Topics: Cybersecurity