Organizations are progressively adopting offensive strategies to tackle cybersecurity threats before they evolve into actual attacks, reveals a recent report by a breach and attack simulation company. In its latest annual State of Exposure Management & Security Validation analysis, Cymulate highlighted a significant shift in the approach of security leaders towards cybersecurity.
According to the report, the traditional practice of accumulating new technologies and managing vulnerabilities in a reactive manner is proving to be ineffective. Instead, there’s a growing trend among security professionals to proactively identify and mitigate security weaknesses before they’re exploited by cybercriminals.
Utilizing data from a range of cybersecurity activities, including attack surface assessments and simulated attack scenarios, carried out across its customer base of over 500 organizations, Cymulate puts a spotlight on the increasing embracement of proactive cybersecurity measures. These measures involve adopting the perspective of potential attackers to uncover and rectify security gaps preemptively.
Cymulate’s Co-founder and CTO, Avihai Ben Yossef, emphasized the importance of proactive measures in the face of evolving cyber threats and the continuous exploitation of known vulnerabilities by adversaries. He praised the growing adoption of exposure management and security validation tools as critical steps towards enhancing organizational security postures.
The report criticizes the outdated annual pen-testing and limited scope red team assessments, pointing out their inefficacy in the face of contemporary DevOps and cloud environments. Continuous validation of defensive security measures against numerous attack scenarios is essential to ensure the effectiveness of security controls, stated David Kellerman, Field CTO of Cymulate.
Echoing this sentiment, Matt Quinn, technical director for Northern Europe at XM Cyber, stressed the inefficiency of merely detecting attacks as they happen. He highlighted the shift towards a proactive approach that involves understanding and rectifying the root causes behind the vulnerabilities, rather than just compensating for them.
Callie Guenther, a senior cyber threat research manager at Critical Start, and Luciano Allegro, co-founder and CMO of BforeAi, further discussed the criticality of proactivity in cybersecurity, especially given the rapid evolution of the cyber threat landscape. Their comments underscore the necessity of anticipating and mitigating potential threats and vulnerabilities ahead of time to prevent costly and disruptive attacks.
The report also delves into various proactive strategies being deployed by organizations, as outlined by Rob T. Lee from the SANS Institute. These strategies include the adoption of threat intelligence services, regular penetration testing, implementing Zero Trust frameworks, conducting security awareness training for employees, and utilizing advanced security solutions like EDR and SOAR platforms. Furthermore, it highlights the importance of cybersecurity awareness at the upper management and board levels, following recent regulations by the SEC.
Artificial intelligence’s role in proactive cybersecurity is also highlighted, with Matt Hillary, Vice President of Security and CISO at Drata, discussing how AI can support the identification and remediation of critical vulnerabilities. However, Elisha Riedlinger, COO of NeuShield, pointed out the challenge for some organizations in adopting proactive security measures due to resource and time constraints.
Additionally, the report reveals an increasing risk of data exfiltration and the diminishing effectiveness of data loss prevention (DLP) controls among organizations, as noted by Gopi Ramamoorthy of Symmetry Systems and John Bambenek of Bambenek Consulting. The findings underscore the necessity for a greater focus on data-centric security and the adoption of emerging technologies to better manage data security postures.
Source
