‘White hat’ hackers actively attack to protect network security systems

Organizations are increasingly proactive in their defenses to stop threats before they become attacks, according to a report published Wednesday by an attack simulation and phishing company.

In its 2024 Security Validation & Exposure Management report, Cymulate argues that security leaders are aware that the model of buying new technology and managing vulnerabilities in a patching frenzy is not effective.

Instead of waiting for the next big cyberattack and hoping they have the right defenses in place, security leaders are now taking a more proactive approach to cybersecurity, the report continues. ever by identifying and addressing security vulnerabilities before attackers find and exploit them.

The report aggregates anonymized data from attack surface assessments, simulated attack scenarios and campaigns, and automated red team activities across more than 500 Cymulate customers, highlighting a proactive approach takes an attacker’s perspective to identify and resolve security vulnerabilities before attackers find and exploit them.

“As new attack tactics emerge and adversaries continue to leverage existing vulnerabilities, businesses cannot afford to react,” said Avihai Ben Yossef, Co-Founder and Chief Technology Officer of Cymulate said in a statement.

“They need to proactively evaluate the effectiveness of their security solutions, identify where the vulnerabilities are, and take the necessary actions to limit risk and minimize exposure,” he continued. We are excited to see more organizations adopting the security authentication and exposure management tools needed to improve their security posture.”

Traditional security methods are outdated

Previously, security controls were tested very limited on the basis of annual red team assessments or penetration testing, explains David Kellerman, Chief Technology Officer of Cymulate Field.

“In the era of DevOps and the cloud, traditional security assessment methods are outdated,” he told Techlade.

“Defensive security controls need to be continuously validated,” he said. “The approach that organizations need to take is to target themselves with thousands of attack scenarios across all of their security controls to ensure that all security controls are All applications are capable of doing what they are designed to do and to the fullest extent.”

Matt Quinn, director of engineering for Northern Europe at XM Cyber, a hybrid cloud security company headquartered in Herzliya, Israel, agrees that a proactive approach is gaining increasing attention as it focuses on Focusing on detecting attacks as they happen is simply ineffective.

“Organizations are drowning in trying to defend against millions of attacks and placing all their hopes in compensating controls,” he told Techlade.

“Organizations are now being more proactive by looking at what lies beneath the compensating controls and finding ways to fix what they are compensating for,” he said. This is a much more effective method against any type of attacker.”

The risk landscape is rapidly evolving

Callie Guenther, senior manager of cyber threat research at Critical Start, a national cybersecurity services company, said security leaders are increasingly adopting a proactive approach to cybersecurity. .

“This shift is largely driven by the realization that waiting for attacks to happen before responding is no longer enough in today’s rapidly evolving threat landscape,” she told Techlade. A proactive approach involves predicting potential threats and vulnerabilities and addressing them before attackers can exploit them.”

“Waiting to react always leads to greater damage and more remediation,” said Luciano Allegro, co-founder and CMO of BforeAi, a threat intelligence company based based in Montpellier, France, said.

“This wastes staff time and causes unnecessary stress on issues that could be resolved quickly and orderly,” he told Techlade.

Rob T. Lee, Program Director and Director of Instructors at the SANS Institute, a global cybersecurity training, education and certification organization, cited some of the proactive measures organizations are currently taking. deployment.

These strategies include using threat intelligence services to predict potential attacks, conducting regular penetration tests to identify vulnerabilities, and implementing “Zero Trust” frameworks. trust completely), do not automatically trust anything inside or outside the organization.

“Security awareness training for employees is essential to recognize email phishing attempts and other social engineering tactics,” he added.

“Advanced security solutions like the Endpoint Detection and Response Platform [EDR] and the Security, Automation and Response Organization [SOAR] is also important,” he told Techlade. “Furthermore, training and managing the cybersecurity workforce is key to creating a resilient human firewall.”

“Recent SEC rules also promote cybersecurity thinking at the senior management and board levels, emphasizing the strategic role of cybersecurity in corporate governance,” he said.

Proactive AI Artificial intelligence (AI) can be another tool in a business’s proactive strategy, according to Matt Hillary, Vice President of Security and Chief Information Security Officer (CISO). by Drata, a security and compliance automation company headquartered in San Diego.

“AI can help companies identify and address security vulnerabilities by proactively identifying critical vulnerabilities and assisting with remediation,” he told Techlade.

For example, Hillary explains that AI can be used to scan a company’s network boundaries to discover which systems or applications connect to the internet and what risks they may present.

“With the ability to quickly analyze vast amounts of data, well-trained large language models can augment manual security processes to find and fix problems at speeds previously impossible is possible,” he said.

Elisha Riedlinger, CEO of NeuShield, a data protection company in Fremont, California, adds that there is always a certain percentage of organizations that take security seriously and work to implement security solutions. proactive.

“However,” he told Techlade, “many organizations are still unable to be proactive. These organizations may not have the resources or time to proactively evaluate and deploy these solutions.”

A culture of avoiding control Cymulate’s report also found that organizations face an increasing risk of data breaches as the effectiveness of data loss prevention (DLP) measures decline. The report shows that the data breach risk score increased from 33 in 2021 to 46 in 2024.

“Unfortunately, not every organization builds security around data,” says Gopi Ramamoorthy, Director of Security and Governance, Risk and Compliance Engineering at Symmetry Systems, a posture management company data security in San Francisco, said.

“Organizations primarily prioritize security around networks, endpoints, applications and identities,” he told Techlade.

Mr. Bambenek further asserted that traditional DLP tools lack comprehensive security monitoring and control capabilities for cloud-based data. The adoption of advanced data security platforms such as Data Security Posture Management (DSPM) is also slow. Limitations in status monitoring and data security control are the cause of continuous data thefts.

Organizations also facilitate data theft in a variety of ways, said John Bambenek, President of Bambenek Consulting , a cybersecurity and threat intelligence consulting firm.