Intelligent CIO Europe Issue 34 | Page 39

TALKING business

‘‘ hHow would you describe the threat landscape right now ?

Change brings opportunity . For threat actors , it is a way of life . Changes in technology allow threat actors to defeat security measures that were effective previously . Changes to our environments increase the potential for something to be misconfigured outside of IT oversight . Changes in code by a vendor to resolve a security vulnerability provides an opportunity to reverse engineer those changes and exploit it . Most recently , the rapid shift to remote work changed our IT infrastructure drastically and many organisations are still figuring out how to manage infrastructure that transcends traditional boundaries .
Ransomware started as a random spread of malware through phishing and other means to try and ransom individual systems for a three to four-digit payout . In 2016 , we saw a large-scale targeted ransomware attack that increased its ransom demand . SamSam was averaging US $ 50,000 payouts by conducting a more hands-on attack while simultaneously ransoming organisations ’ critical infrastructure . In 2019 , there was a drastic increase in average ransoms due to another tactical change : ransomware was now paired with data exfiltration .
Sodinokibi and Ryuk , who have perfected this combination attack , quickly rose through the ranks of ransomware families . As a result , the average ransom paid had gone from US $ 9,000 to US $ 111,605 by the end of Q1 2020 .
Beneath these attacks , the same security controls are being exploited . A user is phished , a vulnerability is exploited , or a credential is stolen to gain access . Once in , the threat actors use automated and manual means to move about the environment , find and exfiltrate sensitive data , and execute the ransomware attack .
What key challenges are CISOs currently facing ?
CISOs are faced with significant challenges . Pre-COVID-19 challenges are now compounded by the pandemic . Depending on your industry , you are either worried about remote workers and how to balance
Chris Goettl , Senior Director , Product Management for Security , Ivanti
security initiatives with Business Continuity , or you are deep into physical security and safety concerns if remote work is not an option . Most organisations ’ remote workers prior to the pandemic were managed acceptably through a VPN and other tools .
With most users now working remotely , tools may be stretched to meet demands and security requirements . Many CISOs have had to make hard decisions around prioritising Business Continuity over security in the short term .
How have your customer requirements changed and how have you adapted ?
Customer requirements have definitely changed due to COVID-19 . Prior to the pandemic , only a small number of remote workers needed support . A good example of this is Microsoft System Center Configuration Manager ( SCCM ) customers and the push to InTune . Ivanti has a third-party updates plug-in for SCCM that allows a company to easily publish hundreds of non-Microsoft application titles into SCCM quickly and easily . This saves companies an average of two to four hours of effort to package and test third-party updates as they release .
Prior to COVID-19 , companies asked if there were plans to support Microsoft InTune with www . intelligentcio . com INTELLIGENTCIO
39