By Randall Richard, Head of Enterprise Sales,
Kaspersky North America
2020 changed the cybersecurity landscape on two fronts: volume
and supply chain complexities.
Attack surfaces expanded and softened as employees migrated
off well protected corporate networks and logged on from home. As a result, the
number of incidents and the money cyber criminals made from exploits like
ransomware skyrocketed,
growing 311% to $350M.
Last year also brought to light the devastation of supply
chain attacks with the news regarding the SolarWinds breach.
Even with top notch solutions in place, organizations must
always be at the top of their game, since the simplest of security oversights
can be exploited at any time. And with threat actors reinvesting in new tools
and techniques, organizations will continue to face an increase of attacks that
are very difficult to detect as they have never been seen before.
So how can an organization uncover the invisible cyber
threats and protect from the unknown?
Know your place on
the most wanted list
Having a complete understanding of where your organization
stacks up in terms of its security posture can fundamentally change how to
assess risk and reframe the way you think about threat intelligence.
A basic rule of thumb when building out a security framework
is to know yourself first by having a vast understanding about how threat actors
view your industry, who they target, how and why. Then it is important to
determine where your organization falls on the spectrum and how attractive you
might be as a target.
Organizations then need to perform the same exercise for all
its clients in order to understand if threat actors may leverage any of those
relationships as a point of vulnerability. This becomes more complex when factoring
in the supply chain and the need to break down every piece in order to discuss
where vulnerabilities lie. However, it's a necessary step, since being a point
of entry for a supply chain attack could have huge reputational consequences
for all involved.
Look beyond the
machine
A recent Harvard Business
Review article
discusses how to spot and react to these "Black Swans," emphasizing that the
key to uncover and identify an unknown risk is real analytics. Tools such as machine
learning and automation can help with known threats, but to fight the unknown, the
human element is required.
While AI may thrive in stabile, predictable environments, the
true value and talent of human analysts shines when irregularities occur and
their ability to investigate and creatively solve problems comes to the
forefront.
Building
out internal threat hunting teams to perform such tasks is no small undertaking,
especially when budgets are razor thin and there is an acute shortage of
qualified talent. So what can be done?
What to consider when
selecting a threat hunting service
The best protection against unknown threats for any
organization is to incorporate threat hunting into your overall security
program. The best way to do that for many organizations is through a managed
threat hunting service. To do so, here
are three easy steps to take when selecting a threat hunting service that is
best for your business:
1.
Choose top
rated detection: Since the reason why a company invests in threat hunting
is to find and mitigate threats before the damage is done, select a service
that is built on technology with a proven history of uncovering threats that
are complex, subtle and previously unseen.
2.
Quiet the
noise: As organizations gain visibility into their own security environments
through Endpoint Detection and Response or the threat landscape through Cyber
Threat Intelligence, it can lead to an increase of fear, uncertainty and doubt.
Incorporate solutions that leverage automation where possible so that human threat
hunters can focus their efforts on anomalies that require a specialized human
touch.
3.
Pick top
talent: Align yourself with an organization that has the expertise needed to
assemble the small, quiet anomalies that may seem irrelevant on their own, but
when pieced together show a more accurate picture of your company's security
posture. An organization that can leverage external intelligence to give
context to what they are seeing and can then quickly take action
While it is becoming more commonplace to think about long
term threats and understanding the risks within a supply chain, it is also
important to consider the less obvious factors that contribute to the ecosystem
that speak to a higher level of responsibility that may be placed on smaller
organizations. Because no organization of any size wants to be the one that
gives the bad guys a win.
##
ABOUT THE AUTHOR
As head of enterprise sales, Kaspersky North America, Randall
is responsible for leading the U.S. enterprise sales team while driving
business-to-business growth with the Kaspersky United network of trusted
channel partners. Randall brings an extensive sales background to his role at
Kaspersky with almost a decade of sales management and leadership experience.
Prior to joining Kaspersky in 2020, Randall served as a global sales manager at
RSA, a computer and network security company focused on encryptions and the
standards around encryption. In his role, he managed the Fraud and Risk
Intelligence Division, ensuring that both costumers and team members fully
understood all the product had to offer.