Webinar: 2016 Cyber Security Threat Predictions Webinar & Whitepaper Synopsis

Category: CIS Controls

NNT recently hosted a webinar and published a series of educational resources on the predicted 2016 Cyber Security Threat Landscape. To that end, NNT would like to provide you with a brief overview of our findings.

In our recent whitepaper- 2016 Threat Predictions- Top Ten Cyber Security Tips to Keep You Safe- NNT discussed the predicted cyber security threats by analysts and vendors and highlighted NNT’s view on the outlook for 2016 and beyond.

 

VENDOR & ANALYST PREDICTED THREATS

 

What Does Experian Think?

  • Chip & PIN Won’t Stop Payment Card Breaches
  • Attacks on Healthcare Institutions Will Increase
  • Cyber Conflicts between Enemy Nations Will Increasingly Affect Civilians s Targets and Consequence Spreads
  • Hacktivism Will Make a Comeback

Read the full report by Experian here

 

What Does Trend Think?

  • 2016 Will See an Increase in Online Extortion
  • At least One Consumer Grade Smart Device Will Case Fatalities
  • China Will Drive Mobile Malware Growth to 20M by the End of 2016
  • Hacktivism Will Increase
  • Little to No Change in Priority or Investment at a Corporate Level
  • Cybercrime Legislation Will Become a Global Movement

Read the full report by Trend Micro here

 

What Does Gartner Think?

  • The Attack Surface is Changing All the Time
  • Mapping Visibility
  • Don’t Focus Too Much on Zero Day Threats
  • Emphasis Should be More on Prevention Than Detection
  • Known Vulnerabilities Will be Sold on the Black Market 

 

Our View

  • The Field of Attack is Broadening
  • Organized Crime Will Join the Cyber Movement as it Ceases to be the Sole Domain of the Specialist Hacker
  • Apathy and Cost Will Remain as the Primary Blocks to Cyber Security
  • Litigation Relating to Loss of PII to Drastically Increase

 

THE TYPICAL MISTAKES MADE BY MOST IT TEAMS AND WHY CORPORATE SECURITY FAILS

 

While the need for Cyber Security defense measures is of top importance, most organizations run into difficulty determining what the right Cyber Security strategy for their organization should be, along with which technologies and products to implement into their IT environment.

Many vendors promise they can handle all known threats to an enterprise when the reality is it just isn’t that simple. Cyber Security takes many forms and the range and nature of today's threats are so varied that there just isn’t any way of getting around the fact that it will require a multi-faceted solution.

Similar to losing weight and getting fit, Cyber Security requires 24/7 discipline and a combination of technical measures, procedures and working practices to maintain solid defenses. It’s precisely for this reason that organization will continue to get breached unless a Cyber Security mindset becomes second nature for all employees.

Organizations looking to capture and defeat APTs, stop Phishing attacks and malware, block and alert insider threats, while also protecting your IT environment from ransomware and other heinous attacks need to consider a multi-layered approach to security and more comprehensive security policies and standards.

 

This article was published with Information Security Magazine- read the full article here

 

TOP 10 CYBER SECURITY TIPS

 

  1. Mitigate Vulnerabilities

 

While easier said than done, vulnerabilities need to be balanced against risk and operational requirements. Microsoft’s latest Security Policy covers thousands of settings that control functional operation and in turn, security of a host. In addition, the Center for Internet Security Benchmarks provides secure configuration guidance’s drawn from manufacturers, with academic and security researcher input. These are available free of charge and provide your organization with full details for auditing and remediating vulnerabilities from a comprehensive range of platforms. To mitigate these vulnerabilities, automated tools are definitely an essential.

 

  1. Firewall, or better, IPS

  2. AV

 

A security toolkit essential is firewall and AV. While there are numerous ways to leapfrog these security settings, there isn’t going to be a quick-fix single course of action of technology that will keep us secure, but these legacy security components still play an essential role.

 

  1. EMET

 

One valuable defense layer often under-utilized is EMET, which provides a range of technical countermeasures to a variety of Windows vulnerabilities. EMET is provided as an optional extra for a good reason- it is very good at preventing malware execution.

 

  1. AppLocker

 

Some of the complementary technologies available can be used to plug further weak spots, and AppLocker can do just that. AppLocker provides the means to whitelist/blacklist programs and dll operation to lock down PC and Server operations. This is a very blunt instrument that will stop programs dead in their tracks if in violation of your rules.

 

  1. System Integrity Monitoring

  2. Change Control

 

All leading cyber security policies and standards call for change control and system integrity monitoring for a reason- it's key to your defense strategy. There are three main reasons why change control and system integrity monitoring are vital to maintaining cyber security. Firstly, once we’ve got our vulnerability mitigation and secure configuration work implemented, we need to make sure that remains in effect forever more. In doing so, we need a means of assessing when changes are made to systems and to understand what they are and if they weaken security. Secondly, any change or update could impact functional operation, so it’s vital we have visibility of any changes made. Lastly, if we get visibility of change as they happen- especially if we have a means of reconciling these with details- then we have a highly sensitive breach detection tool to spot suspicious action when it happens.

 

  1. Promote an IT Security Policy

 

Cyber Security is not just the responsibility of the IT team- it must be an organization-wide competency. Until Cyber Security hygiene becomes a basic life skill for all, it will be down to the workplace to educate.

 

  1. Encryption (BitLocker)

 

Data encryption can prove a lifesaver if there’s a breach that results in data theft. While plenty of commercial options exist there’s also a free of charge MS option in the form of BitLocker. You can use it to encrypt all drives or just data on local and removable drives. If used correctly, this audit report can provide the recommended settings to use when first implementing BitLocker, and will also highlight any drift from your corporate build standard along with all other security settings needed to protect systems.

 

  1. Don’t Be Thrown Off Course by the Latest ‘Must-Haves’

 

Lastly, focus on getting the security fundamentals right and not chase the latest ‘must have’ products on the market. While there may be no such thing as 100% security, implementing layered and 360-degree disciple can help instigate and then maintain security. Vulnerability Management, System Hardening, Change Control and Breach Detection are essential components needed and with NNT’s Change Tracker Gen7 you can do all of these functions and much more.

 

This article was published with Professional Security Magazine- Read the full list of Cyber Tips here

 

To download this Whitepaper, click here

To watch the pre-recorded 2016 Threat Predictions Webinar, click here

To read this article, click here 

 

Cloud and Container Security
The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

Netwrix
6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)


[email protected]
 

United Kingdom

Netwrix
5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023


 [email protected]
Information
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.