Gartner Reveals Breach and Attack Simulation Technologies as a Top Cyber Security Solution
Breach and attack simulation technologies have been highlighted as one of the top solutions for CISOs to consider in Gartner’s recent report, ‘How to Respond to the 2019 Threat Landscape’.
With traditional entry points (i.e. malware, phishing and exploit) continuing to top the list for the most successful forms of attack, despite advances in technology, it’s clear that yesterday’s tactics are not cutting the mustard. Gartner revealed that on-going changes in business regularly add new attack surfaces that could create long-term gaps until defence strategies and technologies mature. These challenges pose a significant risk to organisations; together with the increased complexity of IT environments and the rise of sophisticated attacks, that exceed the preventative and detection capabilities of most security teams.
Reducing Your Attack Surface Through Regular Security Effectiveness Testing
In the report, Gartner states that because attacks leveraging known threat vectors continue to evolve, security leaders must be aware that the best security solutions for them at the time of purchase may become “obsolete” against the latest attack variants. For example, the spike in completely fileless attacks could cause the need for new detection capabilities, and a reassessment of existing tools capabilities. According to breach and attack simulation vendor, Cymulate, 67% of the organisations tested are vulnerable against a known threat:
By periodically verifying the effectiveness of security controls, i.e. through data-driven assessments, evidence-based work and simulated exercises, organisations can determine whether the controls are operating as intended. Vulnerability scanning and penetration testing have long been used for system verification checks, but they are not foolproof. Breach and Attack Simulations, in which real-world attacks are recreated, enables organisations to see how their defences perform against existing threats, as well as identifying backdoors and flaws previously unknown.
Attack Simulation vs Traditional Methods: Which is better?
Compare the advantages and disadvantages of attack simulation and traditional methods including penetration testing and vulnerability scanning in our download.
Understanding where your vulnerabilities are and becoming aware of how these can impact business operations could be the difference between reacting to an incident or responding to a breach.
Check Out Our Other Recent Posts >
Last month we had the opportunity to be a part of Securing the Law Firm 2019 with an Education Seminar centred around best-practice for constructing SOC-as-a-Service (SOCaaS), so you know you can get value; here’s the low-down.
Is Broadcom about to shake up the Symantec enterprise following its acquisition or does this kick start the end of the line for Symantec.
Secrutiny is hosting an intimate breakfast briefing for cyber security leaders in London on Thursday, 28th November. Join us to discover how, with a bit of extension and instrumentation, the ecosystem of controls that you already have can form the basis of an evidential, prioritised cyber risk management programme. Learn more and register…