Virtualization Technology News and Information
Bolstering Security Ahead of July 4th Weekend - Insights from Industry Experts


With the Fourth of July weekend just around the corner, many people are gearing up for a fun-filled holiday.  But as we celebrate our independence, it's important to remember that we also need to be vigilant about our security.

In recent years, there have been a number of high-profile cyberattacks that have targeted businesses and individuals during the Fourth of July weekend, with threat actors taking advantage of reduced IT staff, increased network traffic, and an overall lack of vigilance. These attacks have ranged from data breaches to ransomware attacks, and they have caused significant financial and reputational damage.

In this article, we are sharing insights from industry experts on how to bolster security and protect yourself from attack.  By taking some simple steps, you can help to ensure that your Fourth of July weekend is safe and secure.  So read on for some important security tips, and enjoy your holiday!

++

Anthony Cusimano, Director of Technical Marketing at Object First

"The obvious talk track most will discuss around any holiday is “When IT is away, ransomware will play.” I don’t want to downplay that genuine threat. But I would also like to call attention to another danger: wildfires. July 4th notoriously brings the most significant spike in wildfires for the entire year. According to the National Fire Protection Association, more than 28% of all fires started in the United States were reported on the 4th of July. What does this mean for data centers? Ransomware isn’t the only risk posed this holiday. Datacenters are just as vulnerable to natural (and human-made) disasters as they are to digital threats, which is why we always speak to the importance of 3-2-1-1-0, three copies of data (and make sure they are immutable), two different media types, one offsite (far enough away to not be impacted by the same natural disaster should it occur), one that is air-gapped (and be careful with tape, it’s very flammable), and zero errors after backup verification. With the persistent threat of ransomware looming year-round, it’s easy to forget that data and data centers are still bound to physical devices and locations, and it’s equally essential to ensure replication and resilience are maintained to guarantee recovery from any threat is always an option."

++

Rick Vanover, Senior Director of Product Strategy for Veeam
 
"Don’t go into the Fourth of July holiday without the 3-2-1 backup rule. Do you have your backups, and are they working as expected? Human error continually remains the most common cause of data loss. This doesn’t change over the holidays. In fact, as employees become more lax, there automatically is less security monitoring, so it increases the opportunity for hackers to successfully target a vulnerable organization.

Backup is most important when a company needs to recover data, and this lesson is learned again and again as the risk of not being able to recover data puts the entire organization at risk. Veeam’s global industry data shows that backup is vital for recovering from a ransomware event, as on average, 39% of data is encrypted or destroyed. No organization, of any size, vertical, or geography has 2 out of 5 files, servers, or applications that they can afford to completely lose. And this risk only accelerates during holidays like the Fourth of July, when security falters. To prevent this, organizations should prioritize data protection strategies to drive recovery when it is needed most, especially as cyber-attacks and ransomware threats continue to increase. You can start with the 3-2-1 Rule."

++

Darren James, Senior Product Specialist, Specops – an Outpost24 Company

"Cybercriminals don’t take long weekends like most of the US workforce will be doing this July 4th holiday. On the contrary, any time of the year where companies may be less prepared to fend off a cyberattack is an opportunity for successful compromise.

As a result, the holidays put your company at a higher risk of attack, and it’s a good idea to emphasize to your users not to allow a relaxing summer weekend to also mean relaxing their guard against cyber-attack.

Ahead of the weekend, remind end-users not to click suspicious links, give out personal information, or respond to emails or MFA prompts they don’t recognize."

++

Nagarajan Chandrasekaran, VP - Product Success, Vembu Technologies

"The upcoming July 4th weekend is a time of celebration and unity. However, we cannot ignore the constant danger of ransomware that threatens our digital independence. In today's world, ransomware attacks are increasingly widespread and aggressive. Simply relying on basic protection measures is insufficient. It is crucial for organizations to maintain constant vigilance and accept that an attack is not a question of "if", but "when". The resilience lies in the integration of robust backup and recovery mechanisms.

As we prepare for the July 4th weekend, let us not only celebrate the principles of liberty and independence but also acknowledge the strength of our digital infrastructure. By adopting advanced and comprehensive backup solutions such as BDRSuite, we reinforce our collective determination to safeguard our data, protect our organizations, and uphold our freedom in the face of relentless cyber threats."

++

Karen Worstell, Senior Cybersecurity Strategist, VMware

“It’s that time again: serious new zero days are spreading in digital infrastructure. Security teams are stretched thin and in need of a well-deserved break. Unfortunately, time and time again, we have seen cybercriminals target major holidays and celebrations – like Fourth of July weekend – to launch sophisticated cyberattacks, leaving security teams between a rock and a hard place. In order to stay vigilant, here are the top three tips for IR teams:

  • Reduce noise. The less noise coming into your EDR environment, the fewer false positives will chew up your team’s attention and energy.
  • Eliminate context-switching. Multi-tasking doesn’t work and adds to alert fatigue and burnout. Have detection teams focus on detection and response teams focus on response.
  • Limit time “in the hole.” Try using 4 hour shifts of intense focus on incident detection (finding problems) followed by a four hour shift focused on building and creating improvements in the overall DFIR approach. 

We aim to manage incident detection and response for sustainability and the well-being of cyber defenders as well as in ways that get the best result. Getting ahead of these risks now will put organizations in a better position down the line.”

++

Theresa Lanowitz, Head of Cybersecurity Evangelism, AT&T Business

“Cybercriminals get to choose when and where they attack, but it's unlikely that a business’ internal cybersecurity team is equally ready and waiting to counterstrike at 2am over a long holiday weekend. While adversaries always seem to be a step ahead, CISOs must focus on actively monitoring key web applications. Proven to be a difficult, but necessary endeavor, application defects require priority alignment with development teams, and protection tools must comply with customer experience (CX) and governance requirements.

For success, CISOs must look to implement best practices that both minimize CX mistakes and rapidly address them. This requires extensive testing with the organization’s application (not just a generic tool) and the services of a 24x7x365 end-user facing expert response team. So, where do you find these people, how do you afford them, and how long until they are executing with Capability Maturity Model Integration (CMMI) 3.0+ maturity? By applying the same rigorous tests to their security operations models as they do their software design, CISOs can be granted a head start. They must also build a compelling business case for an adequate security budget - while working to empower their security team to write code objects that manipulate the behavior of applications and eliminate threats and risks. Further, edge compute can introduce a range of benefits as well. At a time where tools on their own are not enough, it provides a genuine alternative to advocating with the development manager. Consider outsourcing to specialist teams, or even augmenting internal teams with AI and apply it to the tasks of risk elimination and threat containment.”

++

Max Vetter, VP of Cyber, Immersive Labs

"Ramping up an organization’s defensive posture ahead of a holiday weekend like the Fourth of July is the wrong way to think about building cyber resilience, as attacks can occur at any moment and they are becoming more sophisticated. It’s much more effective to build a cybersecurity culture across the entire organization that sets the expectation that an attack could come at any moment - day or night, holiday weekend or not. Organizations can enhance their preparedness for cyber attacks by incorporating regular crisis exercising and real-life cyber simulations and labs, so that when a cyber threat does arise, business leaders know that their teams will respond effectively and rapidly because they’ve already practiced these scenarios."

++

Matt Fulmer, Cyber Intelligence Engineering Manager at Deep Instinct

"As proven with past holidays, cybercriminals understand that during these popular travel weekends, user vigilance is generally low, and cyber defense teams are more short-staffed than ever. In 2021, we saw Kaseya fall victim to a cyber attack during Independence Day weekend, and we can expect similar activity this year, especially with the rise of AI and other emerging technologies within enterprises.

With such rapid technological expansion, IT and security professionals must be even more vigilant over holiday breaks. Organizations must prepare and change their mindset now to get ahead of potential threats. We can no longer make it easy for cybercriminals – especially during high travel time and holidays – to access critical infrastructure and sensitive data. Predictive, preventative security tools will deny cybercriminals access while alleviating cyber defense teams that should be enjoying their Independence Day celebrations."

++

Jon Check, executive director of Cyber Protection Solutions at Raytheon Intelligence & Space

"A breach could occur within an organization at any given time - this is especially true when a security team is expected to be off the clock over a holiday weekend. As breaches are inevitable, organizations must be prepared with an incident response plan to avoid making bad decisions on the spot when they do occur. For example, the expectation for quick reporting can put an extra burden on security teams to get information out that won't necessarily help them find, isolate, or recover from an event efficiently. This can ultimately create a lack of transparency when reporting issues, with people fearing the loss of their jobs. Fortunately, having an incident response plan in place can help alleviate this pressure. With that said, departments across the industry must be made aware of this plan, in order to carry it out successfully. We’re also starting to see more emphasis on automation to prepare for security incidents. Tabletop exercises and automation tools that augment defenders’ capabilities will become key to accelerating a response."

++

Mark Ruchie, CISO at Entrust

"While cyber attacks can happen at any time, historically, holiday weekends can bring increased levels of threat for organizations. One way to prepare for these threats is to increase your training and awareness efforts around cybersecurity to encourage safe practices. For example, warn your employees about potential phishing threats that are related to or reference holidays, encourage them to go to sites directly rather than clicking links in emails and use multifactor authentication whenever possible.

Although holidays can lead to increased threats, attacks can happen at any time so it’s important to ensure your cybersecurity foundations are strong and reliable year-round. Implementing a Zero Trust architecture, for example, will help you reduce the threat of cyberattacks by protecting data and resources through continuous monitoring and verification.

These strategies will allow you to protect your information and identify where vulnerabilities are – giving you valuable information that will help you adapt to new threats and risks before they become widespread issues, especially when short-staffed around holidays."

++

Eyal Benishti, CEO at IRONSCALES

"Cybercriminals are employing increasingly sophisticated methods, including the use of AI, to deceive individuals – and they are working. A recent ESG study, Tackling SaaS Communication and Collaboration Security Challenges, shows that despite increased investment in cybersecurity tools, phishing attacks (34%) and BEC scams (27%) remain the top threats that successfully circumvent existing security measures. In order for organizations to protect against the rise in these attacks, I encourage organizations to bolster their security defenses by evaluating their current security tools and ensuring they can protect against the BEC and ATO phishing attacks we’re seeing today. Additionally, organizations can boost their employees’ awareness through consistent and tailored training so employees can play an active role in the defense against security attacks. Lastly, organizations should regularly update and optimize their security framework policies and procedures. As a worst-case scenario plan, it’s wise to create a recovery plan should a security breach happen to minimize and limit the damage."

++

Chris Dobrec, Vice President of Product & Industry Solutions, Armis

"Holiday periods are times when organizations will have key personnel out which may lead to inability to keep their guard up. This of course creates opportunities for exploitation by cybercriminals. We often see increases in IP theft, data leaks, denial-of-service, malware and ransomware as cybercriminals look to catch businesses at their most vulnerable.

On an ongoing basis – but especially ahead of any holiday period – organizations should think about their cyber and tech resiliency strategy in three key steps:

  • Organizations first need a detailed inventory of every asset that is connected to their network–taking into account both managed and unmanaged devices.
  • They then need to continuously monitor the behavior of all those assets to fully assess risk and look for active threats and exploits in the environment, which is oftentimes a challenge for unmanaged assets.
  • Action the intelligence so the technology environment can be optimized and support a resilient cybersecurity posture.

The key here is that businesses can’t protect what they can’t see; so first ensuring full asset and network visibility will be critical to protecting their networks during particularly vulnerable periods."

++

Jeremy Ventura, director, security strategy & field CISO at ThreatX
 
"Ahead of the 4th of July weekend, it’s critical that organizations are on high alert for potential security risks. Threat actors are more prone to attack organizations during holiday weekends as security resources soften, as we saw with the zero-day attacks over Memorial Day weekend by way of the MOVEit file transfer tool. Security teams must stay vigilant and ensure they have the appropriate measures in place, such as incident notifications, alerting and reporting. They should also have staff on call and prepared to jump into action should an incident occur.
 
It's important to note that there are already heightened security risks during the summer months. Between employees traveling and working remotely and their cyber hygiene becoming laxer, organizations should be implementing enhanced security measures and real-time threat monitoring for suspicious activity. Creating and regularly updating incident response plans and policies, while conducting awareness training, can also help mitigate potential threats.
 
ThreatX recently conducted research, finding that there’s an increased risk to corporate data in the summer months alone. One-third (33%) of employees are less likely to worry about cybersecurity best practices, and more than half (55%) admit to relying on their personal mobile devices while working from vacation destinations in the summer. Using personal devices heightens security vulnerabilities by creating more endpoints – especially when not using a VPN – and can open the door to bad actors looking to penetrate corporate networks."

++

Aimei Wei, CTO and Founder, Stellar Cyber, Inc.

"Holiday weekends are especially hazardous for small and mid-sized companies as well as MSSPs, because often the normal group of cybersecurity analysts are off for a few days. Hackers know this, and they also know that MSSPs and smaller organizations have very lean security teams to begin with, so holiday weekend attacks are more likely to go unnoticed.

The best way for these lean organizations to protect themselves is to use a security operations toolset that collects data from throughout the attack surface - cloud, network, endpoint, users, apps and SaaS infrastructure - and uses AI and machine learning to automate threat analysis and detection by combining all the telemetry into one console. This central-console approach largely eliminates the massive burden of manual data correlation, analysis, detection and response from these lean, overworked and under-skilled teams.

There’s no longer any reason for organizations with lean security teams to be second class citizens in the drive for comprehensive cybersecurity protection, whether it’s a holiday weekend or not."

++

Amit Shah, Director of Product Marketing at Dynatrace

"In the short term, organizations should review their current security posture to identify any gaps and proactively manage the risk posed by cyber threats over the long holiday weekend. By implementing best practices like vulnerability management, application security monitoring, and DevSecOps automation, organizations can prevent or limit a significant number of cyberattacks.

To truly safeguard their organization moving forward, IT and Security leaders need to adopt an AI-driven solution that converges observability and security. This will provide increased visibility across complex cloud environments and provide precise information. With it, organizations can automatically identify and reveal the impact of security vulnerabilities in real-time, freeing them up to focus on delivering faster, more secure innovation. With this approach, there is no need for IT leaders to worry about their security posture. They’ll have peace of mind knowing that their organization is protected."

++

Craig Debban, Chief Information Security Officer, QuSecure, Inc.

"With the summer solstice behind us and summer now in full swing, temperatures and barbecues are not the only things that are heating up. Social engineering exploits are on the rise these days, so beware of hackers’ tricks to steal your data or get unlawful entry into your organization.

Be suspicious of unsolicited messages. If you receive a message that you were not expecting, your “Spidey Senses Antennae” should go up right away. Be wary, even if the message looks legitimate at first glance. Similar to figuring out whether to answer an incoming call from an unknown number or not, ask yourself why is this person contacting you and what do they want?

Never use the contact information in a suspicious message. If you receive a potentially suspicious message, contact the presumed sender using information you’ve looked up independently (i.e., don’t use any contact information in the message itself) to make sure they actually sent the message.

Don’t assume your favorite apps are safe. Hackers know you’re more likely to be vigilant about phishing emails, which is why they’re increasingly trying to reach you via the apps and sites you trust. Have you ever received a text message recently that there’s a problem with your PayPal or Facebook account? Hackers know they have a better chance of catching you with your guard down on social media, as well."

++

Peter Barker, Chief Product Officer, ForgeRock

"As we approach the July 4th holiday, organizations need to keep in mind that cybercriminals use holiday weekends like this as an opportunity to conduct sophisticated, targeted attacks. A new report found that unauthorized access is the leading cause of breaches for the fifth consecutive year. Instead of waiting for these attacks to happen, organizations need to closely monitor for unusual password activity and consider eliminating the use of passwords altogether. Not only are passwords a major security risk, they also hinder productivity and efficiency. Passwordless authentication replaces traditional passwords with more user-friendly, secure methods, ranging from biometrics, authenticator apps, and certificates. This holiday may mean downtime for you, but it doesn’t mean it will be for cybercriminals. It’s time we embrace a world where we never have to log in again."

##

Published Thursday, June 29, 2023 9:01 AM by David Marshall