Dealing with the Messiness of Cybersecurity Threat Landscape

The cybersecurity threat landscape is a huge and messy one, and it changes year to year.

According to Dimension Data’s Executive Guide to NTT Security’s 2019 Global Threat Intelligence Report (GTIR 2019), the most common attack types, with web attacks being most prevalent, doubling since 2017 and accounting for 32% of attacks in 2018. Reconnaissance (16%) was the next most common hostile activity, followed by service-specific attacks (13%) and brute-force attacks (12%).

GTIR 2019 Attack Categories

Web attack is referring to the attack on organization Internet facing applications and application-specific vulnerabilities - for example, the DDoS attack on the web server.

Control recommendations :
  • Deploy DDoS mitigation
  • Prioritise patching
  • Segment your network environment
  • Enforce secure coding practices
  • Deploy application-aware firewalls
  • Perform regular vulnerability scanning
Therefore, a security framework based on predictive model of old data is highly inefficient - the solution is to have a predictive threat intelligence security framework which offers a holistic approach towards achieving a higher cybersecurity maturity benchmark.

Nonetheless, Mark Thomas, VP, Cybersecurity at Dimension Data opines that most enterprises may not have the right resources.

Mark Thomas, Dimension Data
The predictive threat intelligence lies in the amount of threat information you are able to collect. Security teams need to start digging deeper into the murkier and harder to reach corners of the internet – such as the dark web – to outsmart the bad guys. With machine learning potentially monitoring billions of logs, patterns can be identified and automated safeguards established so that attacks can be deflected instantly.

Therefore, managed security services are recommended where Dimension Data has the following offerings:
  • Enterprise Security Monitoring Services
  • Security Device Management
  • Thread Detection Services
  • Vulnerability Management

Just outsource to the pro !