editor ’ s question
?
he pandemic has
T permanently altered the cybersecurity landscape , bringing with it a new set of threats and challenges to overcome .
While businesses were quick to adopt new technologies and accelerate Digital Transformation , they have been left exposed to cybercriminals who sought to exploit weaknesses for steep financial gains .
As leaders look to navigate new technologies , systems and processes to protect themselves from threat agents , I explore the top cybersecurity threats facing organisations across APAC today that require urgent attention .
Misconfiguration of Active Directory will continue to experience high volumes of ransomware attacks
Ransomware trends will continue to come and go as operators find new entry points and shift tactics to launch large-scale security attacks . But regardless of how tactics change , Active Directory ( AD ) will remain the go-to target as it ' s simply too lucrative for adversaries to pass up .
Threat actors will continue to leverage misconfigured AD to move laterally , escalate privileges , and create the same chaos experienced by some of the world ’ s largest companies including SolarWinds and MSFT Exchange .
To secure the AD environment , organisations across APAC must patch and secure every configuration that is known to be exploited while remaining vigilant in the identification of new entry points . Put simply , AD must be secured and maintained 24 / 7 . Without this level of commitment , multiple breaches should be expected in 2022 .
Securing your hybrid workforce
With the rise of hybrid work , it will become even more difficult for organisations to protect enterprise data as employees constantly move from their homes to the office , connect to public Wi-Fi at the local coffee shop , and access enterprise information on their mobile devices while commuting .
This means businesses must now continuously monitor and verify every attempt to request access to data at all levels , whether that happens through a device , app , user or network attempting connection . Without this level of security , visibility and segmentation , attackers can leverage vulnerabilities in the environment , move laterally and infect other assets . While the adoption of a Zero
SCOTT MCKINNEL , ANZ COUNTRY MANAGER , TENABLE
Trust model doesn ’ t happen overnight , it can play a vital role in an organisation ’ s overall cybersecurity strategy .
Collaboration is key to addressing critical infrastructure threats
As seen throughout the year , attacks on critical infrastructure environments can have dire consequences , not only for a business but society in general . Facilities are increasingly interconnecting their Operation Technology ( OT ) and IT networks to drive innovation . But this convergence has rapidly expanded the attack surface and increased the number of attack vectors . A lack of good cyberhygiene within OT infrastructures has set up critical infrastructure environments to be high-value targets for cybercriminals .
This calls for greater public and private sector collaboration to ensure baseline cybersecurity requirements are grounded in consensusbased , international standards . The establishment of best practices including the assessment of risk and collaborative response capabilities will play an integral role in strengthening the ability of industry and government to prevent even the most advanced attacks . u
As seen throughout the year , attacks on critical infrastructure environments can have dire consequences .
30 www . intelligentciso . com