Thursday, June 13, 2024

Role of CISOs and MSSPs to combat expanded cyberthreat environment

1. How have malware attacks trended in India from 2022 to 2023 according to SonicWall’s data, and what implications does this trend hold for organizations?

As per the threat report, there has been a slight decrease in malware attacks from 2022 to 2023, by about 12% overall in India. On the other hand, ransomware attacks went up by 10%, and India has witnessed the 10th highest number of ransomware attacks in the world, which is quite an alarming situation.

Today, organisations are fighting to defend against increasingly sophisticated cybercriminals. Cybersecurity experts are working tirelessly to stay one step ahead. As the bad guys leverage better tech, so can security decision-makers in charge of enterprise safety.

A vital step in prevention is, of course, the firewall: next-generation models which can detect and prevent threat actors from both entering and exiting networks. More advanced solutions are needed to keep pace with the onslaught of attacks by inspecting the traffic in real time and identifying any threatening activity or breaches.

Although threats and attacks such as Malware and Ransomware tend to be out of the control of businesses, the responsibility to alleviate unnecessary pains still initially falls on the vendor, whose responsibility it is to be completely transparent with its customers. As soon as any vulnerability in its software is known, speed and effectiveness in sharing relevant information and patches with customers and stakeholders is crucial.

CTOs and CIOs must understand the risks that their organizations face from attacks of ransomware, traditional malware and other threats and address them as a high priority while avoiding making silly mistakes.

A complete audit of the organisation’s current security infrastructure, including security awareness training programs, the security solutions they have in place, and the processes they have implemented to remediate security breaches, is a must.

Finally, security should be viewed as a holistic exercise, from the cloud services that are employed to detect and remediate threats all the way down to every endpoint solution.

2. What significant changes in cyber threat landscape were observed in India in 2023, particularly regarding ransomware attacks and IoT vulnerabilities, according to the SonicWall report?

As per our threat report, 2023 proved to be a year of volatile, adaptive and creative digital threats. The India region saw a big jump in IoT attacks (about 327%) and an overall rise in intrusion attempts of 20% during the year.

With the complexities and dynamism of today’s threat landscape and its growth at an alarming rate, solutions must be just as complex and evolving in nature with conventional network solutions getting more and more redundant.

In this situation, it’s a big task for security professionals to cope with the overwhelming volume of cyberattacks from the endpoint to the cloud. Managed services are emerging as the best solution route, providing organizations with an additional human layer of defense, addressing alert fatigue, and freeing up valuable resources and time for core business functions.

3. In what ways have Managed Service Providers (MSPs) emerged as crucial allies for organizations in combating the evolving cyber threats highlighted in SonicWall’s 2024 Cyber Threat Report?

We see that today’s CISOs are concerned about the effectiveness of cybersecurity solutions. In the current market, they are often forced to stitch together a slew of different products and services. This poses a couple of challenges. First, the data is too spread out and difficult to manage, and you will need people to manage all of those tools. Secondly, threat detection and the response to it is not an easy task.

As the threat landscape expands, new products and services are also available in the market to address those threats. That’s a good thing but it also means that the average CISO is working with a lot of different solutions that don’t always play well together. Moreover, what is needed is a 24×7 response strategy that would be able to mitigate attack situations.

With limited resources and skill gaps, it’s a practical and viable solution to go with an MSSP who can offer this as a service with Managed Detection and Response (MDR) capabilities.

SonicWall’s MDR service, powered by Solutions Granted, leverages advanced analytics, threat intelligence and human expertise to deliver sophisticated and thorough incident investigation and response. Incident validation, along with remote response services such as threat containment, are also available.

4. Could you elaborate on the global trends in cyber threats as outlined in the SonicWall report, particularly focusing on the rise of cryptojacking, IoT exploits, and encrypted threats?

According to the threat report, malicious intrusions in 2023 went up 6%, malware up 11% and cryptojacking up 659%. This shows that the odds that any given organization will be targeted are skyrocketing.

In 2023, the vast majority of cryptojacking attacks involved XMRig. This open-source software is a legitimate tool readily available on the internet—but because it’s relatively easy to use and configure, it’s often abused. It’s accessible to even novice threat actors, but also provides an avenue through which more advanced users can modify code in an attempt to evade detection and increase profits.

In 2023, SonicWall Capture Labs threat researchers observed 15.7 million encrypted attacks. This is the most it’s been since we began reporting on this threat metric, and we’ve seen an increase of 117% year over year.

Across the globe, while North America saw a more modest increase of 30%, triple-digit jumps were also recorded in Europe, Asia and LATAM, where encrypted attacks rose 182%, 462% and 527% respectively.

Even sharper increases were observed in some of the industries we studied — all of which experienced triple-digit spikes. Finance saw the smallest increase: attacks on these customers “only” doubled. But healthcare (252%), education (429%), government (629%) and retail (680%) all saw encrypted threats skyrocket in 2023.

5. How does SonicWall’s Real-Time Deep Memory Inspection™ (RTDMI™) technology contribute to identifying and combating the ever-growing number of never-before-seen malware variants, as mentioned in the 2024 Cyber Threat Report?

One of the major advantages SonicWall has is the knowledge it can gather on the latest cyber threat status. SonicWall RTDMI technology detects and blocks malware that does not exhibit any malicious behaviour or that hides its weaponry via encryption. To discover packed malware code that has been compressed to avoid detection, RTDMI allows the malware to reveal itself by unpacking its compressed code in memory in a secure threat detection environment.

Besides being highly accurate, RTDMI also improves sample analysis time. Since it can detect malicious code or data in memory in real-time during execution, no malicious system behaviour is necessary for detection. The presence of malicious code can be identified prior to any malicious behaviour taking place, thereby rendering a quicker verdict.

By giving admins the ability to block until verdict, create customized policies and scan select files in the cloud, SonicWall Capture ATP combines the efficiency of automation with greater flexibility and control.

