What a 'new-normal' cyber threat posture should look like

Holistic strategies of prevention, detection, response and prediction can protect the network and future of organisations.

By Dr Moataz Binali

Published: Mon 21 Dec 2020, 5:45 PM

Remote working is here to stay. Anecdotal evidence from across the MENA region, along with several formal studies, suggests a warming to the idea of working from home. Organisations have come to realise that a hybrid workplace is nothing to fear. Except for one factor - that ever-changing threat landscape.

To say that cyber-attackers adapt to trends is nothing new. Indeed, to those of us who survey the digital battleground regularly, it appears that malicious parties never sleep. In the first half of this year, Trend Micro blocked nearly 124 million cyber threats across the Middle East and North Africa, 82 per cent of which were email-borne. We also detected over three million malware threats, and Trend Micro products blocked nearly 19 million malicious URLs from being accessed by users in the region during the same period. Ransomware, once again, was ubiquitous. Globally, we saw a 36 per cent jump in new ransomware families, compared with the same period in 2019.

Organisations beginning to reimagine their workplace and thrive in this new normal - hybrid networks, multi-domain environments, unvetted endpoints and unpredictable user behaviour - will need to re-evaluate what it is they are trying to protect. The network has changed. Much of your ecosystem and network transactions now bleed into domains you do not control. Therefore, holistic strategies - resting on the strong pillars of prevention, detection, response, and prediction - will win out.

Preventing initial incursions is always a good place to start. Training everyone to be a warrior in your battle is a vital step. Ensure your employees, from the boardroom to the mailroom, are versed in best practices. You can also protect your digital estate by addressing vulnerabilities in the applications you run, ensuring they are always up to date with the latest patches. Investing in some means of automating this process is advisable. Such automation will also help you to prioritise your updates more easily, filtering the everyday threats out from the more advanced, and the unknown.

Your ability to detect a breach will greatly influence your success in mitigating the scope of damage and the resultant cost to your enterprise. By using an approach called connected-threat defence, you can enlist the help of endpoints, network devices, servers, and other apparatus in sketching a bird's-eye view of your entire ecosystem. When threat hunters set out to chase down incidents, they will be better armed with a detailed topography of your technology stack.

Response must be swift, subtle, and tailored to the moment. Constant vigilance is a must. Networks that were clean today may be compromised tomorrow. Context-rich information is helpful in this regard. Security professionals can adapt their response more easily when furnished with visually intuitive information. They can route resources to the optimum destination and will not be blinded by a blizzard of alerts. Solutions like XDR (extended detection and response) connect data, applications, communications, and endpoints into a single hybrid knowledge centre. This approach was specifically designed to empower security teams to effectively prioritise their responses.

The cybersecurity industry continually works to hone its ability to predict upcoming data breaches. This is, of course, the ultimate deliverable. Foreknowledge could be the difference between beating cyber-pests, and costly downtime and damage to brand reputation. Trend Micro's 2020 predictions say that home offices and other remote-working spaces would redefine supply-chain attacks, leaving ecosystems extremely vulnerable. This is one of many trends that will need to be addressed by security professionals trying to protect users and organisations in the new normal.

We must prepare. The future has arrived by stealth and many were ill-prepared. But by sketching out a sensible approach, and implementing it resolutely, we stand to build safer ecosystems where enterprises can thrive and grow.  

Dr Moataz Binali is the vice-president of Trend Micro Middle East and North Africa.
