Are you equipped to handle more undetected breaches in 2021?
by Raymund Taylan, Senior Security Advisor
9 February 2021
Real financial and reputational impacts are waiting for organisations who survive, but fail to properly manage, a major security breach
Cyber criminals are always creating new ways to exploit unknown software vulnerabilities. The alarming part is that deployed security solutions, which are meant to protect against cyber attacks, are themselves being targeted by cyber criminals to gain unauthorised access to your confidential data.
Hosted security solutions require continuous updating and monitoring
The majority of security solutions are still hosted and maintained locally in major organisations, including hospitals and government departments I have previously worked with. These organisations have great security solutions in place, but the question is whether these security solutions are regularly assessed, updated and configured to detect a valid security incident and send alerts to notify the security team about anomalous activity that may lead to a serious data breach.
Legacy software and supply chain attacks
SolarWinds, Mimecast and Cisco are some of the cyber security companies that have surfaced in recent cyber news due to known vulnerabilities that exposed their customers to cyber criminals. And this month, the Reserve Bank of New Zealand is one of the companies that recently had a data breach due to Accellion’s unpatched legacy file transfer appliance software.
Malware authors are taking advantage of the trust between companies, customers, and security solution providers. In a supply chain attack, cyber criminals target update servers and inject malware into update releases, infecting customers through the software’s official distribution channels.
On the other hand, many organisations are still relying on legacy software. Due to high switching costs and operational risks when replacing the system, many companies choose to keep using legacy systems. Unfortunately, these are the key weak spots cyber criminals target to gain access to confidential data.
Utilise IT security experts
Due to the ongoing pandemic, plus an industry shortage of IT expertise, many organisations outsource security patching, monitoring and alerting to a third party or Managed Security Service Provider (MSSP) who is experienced in detecting anomalous behaviour and taking quick remediation actions for valid threats.
During the period when legacy software still needs to be maintained, MSSPs can also deploy a layered approach to mitigate the risk by patching and implementing additional controls and real-time access reviews. Having an army with the right level of knowledge and visibility over your network to detect anomalous behaviour is a big help in mitigating and managing future cyber attacks whilst keeping your business operations running with legacy software products.