Here are the factors causing constant rise in cyberattacks

Having been part of the cybersecurity industry for over a decade, what are your observations about the industry?
Technology has revolutionised our lives in ways that are incomprehensible to 10 years ago. However, one thing that hasn’t changed is the belief that there is too much at stake for individuals and organisations to remain negligent, not taking even the basic steps to improve their cyber posture and manage cyber risk proactively. The harsh truth is that the vast majority of attacks, both historically and today, are preventable.

Organisations need to realise that, whatever is visible on the internet, is likely to be the first point threat actors will target. They’ll look for known but unpatched flaws to leverage and gain entry and from there escalate their access status to dig deeper and compromise further systems. We must address the status of “learned helplessness”. Organisations must know where their risks are – you can’t operate with your eyes closed! Its imperative organisations continuously monitor and respond to threats as new vulnerabilities are discovered and threat actors weaponise these flaws. Systems must be treated as if a sophisticated adversary already has or can gain access, which demands that tight identity management practices be in place to limit damage.

Are you seeing any new vulnerabilities post-pandemic? If yes, what are the factors causing the constant rise in cyberattacks?
New vulnerabilities are being identified every day, making the task of remediation all the more challenging. For organisations, it’s about understanding what systems and data are critical for the business to function and addressing the risks these systems face first. This means the vast majority of attack paths will be closed off, preventing compromise, malware infiltration and/or exfiltration of data.

Tell us your acquisition of Bit Discovery.
An organisation’s digital footprint extends far beyond its walls but few are able to accurately determine what this looks like and the risks introduced. One of the most common but dangerous security lapses is to misconfigure something in the cloud and make it internet-facing. Bit Discovery employs a multi-phased approach of identifying what assets and services a particular brand(s) has residing on the Internet. When used with the rest of our solutions, our customers will be able to see the potential attack paths that exist from external systems to critical assets, throughout their infrastructure, providing a comprehensive measure of their overall exposure.

What are some of the frequent demands you have witnessed from your customers and how do you see this acquisition meeting those needs?
Organisations globally are facing dramatic transformation driven particularly by a step-change in working practices, for example the permanent adoption of hybrid working practices. In tandem, there are unprecedented economic pressures forcing businesses to do more with less – be it financial, manpower, time, or another resource.
Against this backdrop, threat actors are increasingly tenacious in their efforts to compromise organisations’ infrastructure to steal data, extort money and even destroy systems. The best defence is an offence and visibility is the pinnacle of cybersecurity today. Combining Bit Discovery’s technology with our product portfolio, our customers will be able to address one of cybersecurity’s most elusive goals – a differentiated 360-degree view of the modern attack surface, both inside out and outside in, to identify and eliminate areas of known and unknown security risk.

Amit Yoran is the chairman and CEO at Tenable