Webinar: The Future of Endpoint Security
Join Cybereason CSO Sam Curry and IBM Security Executive Advisor Limor Kessem as they discuss the future of endpoint security based on the results from ESG's Endpoint Security Trends report...
Fred O'Connor
From tips on how to help business executives better understand risk acceptance to defining supply chain attacks to insight on how to overcome the security talent shortage, Cybereason CSO Sam Curry fielded several participant questions following our webinar on security trends for 2018.
In this blog, Sam answers some of the questions that he wasn’t able to get to following the webinar. Listen to a recording of the webinar or check out the slides to learn how security leaders can mitigate threats including fileless malware attacks, supply chain attacks and destructive attacks and why, despite ever-evolving enemies, 2018 has the potential to be the year of the defender.
This varies greatly by company. However formalized or not, risk conversations are happening. If your company is smaller and less formal, you may have a chance to lead it.
If it's larger and more formal, this is your shot to get involved. Go find that conversation and build relationships, listen a lot and adapt to that conversation. It's not the job of the business to learn security. It's our job to learn the business and plug in.
Think of this as the literal supply chain as in a manufacturing case but also in the ecosystem of partners and suppliers of products and services, from recruiting to HVAC to legal to development and even consulting. There are many trust relationships that can become vectors into the organization from outside the corporate footprint.
Yes. It means knowledge-based authentication is dead. It means better mapping of trust pathways. It means better abilities to blackmail, spear phish and bribe, which generally means an increase in effectiveness and attack diversity. But not direct IoT yet. I don't think there's a correlation here with IoT but both are independently too easy so expect both to be exploited in parallel. Why not? Low hanging fruit to grow sophisticated actors’ asset base is job number one.
Absolutely. We would be fools not to welcome folks with transferable skills, affinities and the right attitude. My new year’s resolution is along these lines. Let's welcome everyone here and look to make it easier, deeper and clearer as a career path!
We need to stop thinking of war here as a binary. It's a continuum. It's not just about all-out war. So I don't think all-out war is imminently likely. One day, sure. Not yet. But a gradually heating Cold War is already happening: unlike the historical Cold War, it's multipolar and there is not enough detente yet!
Yes, that's all me. I use it to differentiate financially motivated blackmail and destructive malware from purely destructive malware where there's no bribe in the world that will save your data. NotPetya used techniques that were similar to ransomware. But no payment was going to save your data if your machine was infected. The guise of NotPetya being ransomware was, at best, a distraction and might have made the damage worse by leading defenders to think a payment could resolve things.
Fred is a Senior Content Writer at Cybereason who writes a variety of content including blogs, case studies, ebooks and white papers to help position Cybereason as the market leader in endpoint security products.
Join Cybereason CSO Sam Curry and IBM Security Executive Advisor Limor Kessem as they discuss the future of endpoint security based on the results from ESG's Endpoint Security Trends report...
Cybereason has earned the coveted Gold-level OPSWAT Certified Security Applications verification for the Cybereason Sensors ActiveProbe 22.X for Windows, Mac and Linux endpoints...
Join Cybereason CSO Sam Curry and IBM Security Executive Advisor Limor Kessem as they discuss the future of endpoint security based on the results from ESG's Endpoint Security Trends report...
Cybereason has earned the coveted Gold-level OPSWAT Certified Security Applications verification for the Cybereason Sensors ActiveProbe 22.X for Windows, Mac and Linux endpoints...
Get the latest research, expert insights, and security industry news.
Subscribe