decrypting myths
Solving problems at scale with hyperautomation
With the rapid shift to remote work , many organisations have been tasked with understanding how to manage and secure infrastructure that ‘ transcends traditional boundaries ’. Chris Goettl , Senior Director , Product Management for Security , Ivanti , talks us through the challenges
CISOs are facing right now , introduces us to Ivanti Neurons and highlights how it is helping security teams .
hHow would you describe the threat landscape right now ?
Change brings opportunity . For threat actors , it is a way of life . Changes in technology allow threat actors to defeat security measures that were effective previously . Changes to our environments increase the potential for something to be misconfigured outside of IT oversight . Changes in code by a vendor to resolve a security vulnerability provides an opportunity to reverse engineer those changes and exploit it . Most recently , the rapid shift to remote work changed our IT infrastructure drastically and many organisations are still figuring out how to manage infrastructure that transcends traditional boundaries .
Ransomware started as a random spread of malware through phishing and other means to try and ransom individual systems for a three to fourdigit payout . In 2016 , we saw a largescale targeted ransomware attack that increased its ransom demand . SamSam was averaging US $ 50,000 payouts by conducting a more hands-on attack while simultaneously ransoming organisations ’ critical infrastructure . In 2019 , there was a drastic increase in average ransoms due to another tactical change : ransomware was now paired with data exfiltration . Sodinokibi and Ryuk , who have perfected this combination attack , quickly rose through the ranks of ransomware families . As a result , the average ransom paid had gone from > US $ 9,000 to US $ 111,605 by the end of Q1 2020 .
Beneath these attacks , the same security controls are being exploited . A user is phished , a vulnerability is exploited , or a credential is stolen to gain access . Once in , the threat actors use automated and manual means to move about the environment , find and exfiltrate sensitive data , and execute the ransomware attack .
What key challenges are CISOs currently facing ?
CISOs are faced with significant challenges . Pre-COVID-19 challenges are now compounded by the pandemic . www . intelligentciso . com | Issue 30
67