Written by David Sajoto, Regional Vice President, APJ at Vectra AI.
Cybersecurity budgets are growing as business decision makers wrestle with managing the risks associated with the rise in sophisticated cyber threats, while also allowing for innovation and business growth.
In Singapore, the Cyber Security Agency (CSA) has launched the Cybersecurity Talent, Innovation & Growth (Cyber TIG) Plan, investing S$50M to enhance the nation’s cybersecurity sector. It also includes new programs like CyberBoost to encourage innovation.
However, for many organizations, implementation of these increased security measures may seem challenging when factoring in the ongoing drought of security talent across the region.
As we look forward and think about new and innovative ways to tighten security, what remains clear is that a cross-border and multi-stakeholder approach is needed to successfully protect organizations against the increased sophistication of cybercrime in today’s AI-empowered world.
Investment into security is set to grow, but where the money flows remains critical
To remain ahead of growth in AI usage by cyber criminals, today’s security-smart organization needs to adopt a detection and prevention approach.
In fact, according to Gartner, 58% of organizations are planning to increase their cyber investment this year, with 54% of those organizations with revenues of more than US $5 billion expected to spend more than US$250 million annually on cybersecurity.
Additionally, as the incidence of security breaches continues to rise, a mindset shift is also needed.
In today’s threat landscape, it’s not a question of if an organization will be breached, but a question of when. To fight today’s sophisticated threats, detection measures also need to be empowered with integrated and AI-enhanced attack signal intelligence.
While investing in AI as part of a cyber security strategy makes sense, it’s also worth remembering that the most resilient cybersecurity investments usually combine the latest technology innovations with deep people expertise.
Adopting a hybrid approach to network security to ensure infrastructure remains resilient
In 2023, ransomware tactics evolved from exploiting human error to targeting network infrastructure, posing a greater challenge for prevention and mitigation solutions.
The mass shift to hybrid and multi-cloud environments means all enterprises are now hybrid enterprises and all modern attacks are hybrid attacks.
This has rendered legacy threat detection and response solutions ineffective at defending against the new threat landscape, heightening the need for new threat detection coverage across the expanding hybrid attack surface.
The LockBit episode, where the gang swiftly reorganised and relaunched their operations on new infrastructure after a law enforcement response, also highlighted a hard truth: cybercriminals are remarkably adaptable.
This incident also highlighted the critical need for businesses to maintain up-to-date security measures. As LockBit conceded, failure to update essential software was a key vulnerability that enabled law enforcement to eventually infiltrate their operations.
This serves as a poignant reminder that the basics of cybersecurity hygiene, such as regular updates and patches, remain fundamental in guarding against threats.
Attackers typically begin with the most common systems, such as Windows endpoints. As these systems become more secure and harder to exploit, they pivot to network infrastructure.
When it comes to the network or other attack vectors, traditional controls are failing, and business leaders and their IT teams are left struggling to prevent lateral movement.
To contend with new methods, enterprise infrastructure must be viewed as a unified target, in the same way that attackers see it.
Defending against real-world hybrid attacks in our digital age
Understanding that organizations have several potential vulnerabilities, solutions are needed that defend against hybrid attacks and eliminate silos to provide hybrid attack surface visibility across the network and endpoints via integrations with EDR vendors.`
Alex Chan, Head of IT at CPG Corporation explains, “Cybercrime is an industry wide issue that’s not going away. Businesses need to take a proactive approach to securing their infrastructure and improving organizational resilience.”
“Prioritizing our network’s defense means having real-time visibility so we can proactively reduce risk. Intelligent threat detection technology helps our cyber team think like an attacker, understand attacker behaviour and analyze detection patterns unique to our environment. Advanced security AI also surfaces potential attacks in real time, helping us prioritize and reduce alert noise. This means our security teams can spend their time where it matters most – focusing on threats by severity.”
Ensuing innovation and security in an increasingly competitive world
Many organisations will say they’re cloud-first but still have a massive data centre footprint, and this also needs protecting.
Realistically, the attacker doesn’t care where you’re innovating, they will come from any avenue they can, and it’s very important to ensure coverage of lateral movement inside of an organisation.
Vectra AI recently introduced the industry’s first Managed Extended Detection and Response (MXDR) solution. It delivers around the clock support in defending against hybrid attacks and is designed to eliminate silos and improve visibility across the staples of a hybrid workforce – identity, public cloud, SaaS, data center and cloud networks and endpoints.
What we are seeing time and again is that the best security solutions will leverage technologies to amplify security strategies and develop zero trust parameters, backed by in-depth support and extensive expertise.
Ultimately, for security decision makers today, it’s about focusing on what’s urgent, by having the best view possible of the entire infrastructure and subsequent threats, assessed by severity and impact.
This type of attack signal intelligence will ensure security analysts can focus on responding to the most critical threats that will reduce business risk without hindering innovation.
