One of the core principles of cybersecurity is not letting things “slip through the cracks”. An effective security posture depends on visibility. The more visibility you have into the environments where your data is, the more successful you will be in applying your organization’s security protocols and identifying suspicious behavior.
Here are five cybersecurity issues that may have “slipped through the cracks” which should be visible to you in 2022.
5. Exploiting third-party applications
Many people have characterized 2021 as “the year of the software supply chain attack“. Chances are if you were not following the issue closely, you are now in light of the new CVE-2021-44228 vulnerability.
Zero-day attacks, or unpatched security bugs, in commonly used third-party applications, are an example of the risks we assume from our software supply chain. Often, incomplete requirements, incorrect assumptions, and time-to-market pressures result in the delivery of less-than-perfect software. Generally speaking, software developers do a good job of eliminating software bugs that cause the program to fail in catastrophic or obvious ways. Unfortunately, security bugs don’t typically cause catastrophic system failures. They simply allow a bad actor to make the software do things it wasn’t intended to do like steal other users’ credentials or read the entire contents of a database. Compounding the problem, the rapid-fire ability of bad actors to take advantage of software vulnerability disclosures and our own justifiably cautious patch processes create an asymmetry, with predictable results. It’s rare that an organization will be able to deploy a vendor patch the moment it is made available across all of the necessary locations. Even the best Web Application Firewalls require time to adapt with a new signature update (that must be developed, tested, and deployed) or with an adjustment to a machine learning model, or manual acknowledgment that an anomaly has been detected and should be blocked in the future. Additionally, these “virtual patches” must be tested in each specific environment prior to deployment to ensure they don’t cause unwanted side effects.
For more on how to manage software supply chain attacks, get 5 Key Ways Supply Chain Attacks Occur.
4. Increases in the volume of records stolen
The constant increase in the volume of stolen records is the result of multiple factors. We are living in a digitalization era in which more services are consumed daily, with the majority of them online so the amount of data out there increases every year. More businesses have made a very quick shift into digitalization, which if not done carefully, increases security risk. Information security adoption is slower than the adoption of digital services that make a profit from the addiction to and consumption of the same online services. Such a fast, dramatic change is likely to have security implications. Higher volume, less secure data is now stolen in ever-larger chunks. Organizations need to rethink to protect the growing body of critical business data.
Learn more about this in Lessons Learned from Analyzing 100 Data Breaches.
3. More effective Web Application Firewall Gateway technology
A recent report revealed 39% of all data breaches in 2020 stemmed from web application compromise, a trend that became more pronounced in 2021. Organizations need to get more effective protection from their Web Application Firewalls (WAFs). Here are some of the things your WAF needs to do to take on today’s web application threat vectors:
More than 24 percent of internet traffic is bad bots, so your WAF should offer Advanced Bot Protection that enables true defense-in-depth security in a single stack model.
Your WAF should provide optimized security and performance benefits for your digital protocols from HTTP2 to TLS 1.3. For activities such as dropping more dynamic content from video snip-bits to 3D visuals, your WAF should facilitate your ability to supersize the customer experience from website to smartphone to support your organization’s omnichannel strategies.
Learn more about next-level WAF Gateway here.
2. New bad bot mitigation strategies
Bad actors are capitalizing on the opportunities that digital transformation creates, particularly through more sophisticated automated bad bot attacks. But tools to thwart these attacks have become more advanced, too. What should you look for in a solution?
A truly “future-proof” bad bot solution will be equipped to handle the most sophisticated bad bots. It must incorporate machine learning that is capable of identifying real-time bad bot behavior and adapting. It also helps establish a baseline for normal behavior, as well as enable automated detection and response. Your solution should be able to block bots from the very first request they make and protect all your access points: websites, mobile apps, and APIs.
Look for device fingerprinting, allowing the solution to track bot activity across IP addresses and detect browser automation tools. Such tools are capable of processing JavaScript and emulating legitimate browsers, making them more difficult to identify and block. The solution should contain cutting-edge techniques, such as injection of active challenges and honeypots into HTTP traffic, per-URL customization and security controls to fine-tune protection; graduated controls for rate-limiting, such as by client, device, authentication token, or simple IP address; and enable community-sourced threat intelligence to help customers learn from one another.
Learn more in Imperva’s Ten Essential Capabilities of a Bot Management Solution.
1. The economic impact of a data security platform
Virtually all cybersecurity professionals understand the need to create a data security platform to mitigate threats to sensitive data, but very few people know how to present the acquisition, development, and deployment of a data security platform as a business driver with a demonstrable ROI.
Establishing a starting point for the evolution of your data security platform can make all the difference. Articulating the challenges that your organization faces is the first step. Mapping these challenges to quantifiable benefits is the next. Having a framework from which to start saves time because your team can modify data points to align with your organization’s requirements. For example, regional salary assumptions and the number of systems to be protected. It also will likely open your eyes to scenarios that you may not have thought of, in the actual language from current consumers of data security technology that have already benefited from the transition.
While it can be hard to show the economic impact of change, it’s not impossible. Oftentimes it is easier to modify existing work (red pen) than start from scratch (black pen). Download the infographic, The Total Economic Impact of the Imperva Data Protection Solution to see the key challenges that organizations faced prior to implementing a data security platform and the resulting benefits after deployment.
Try Imperva for Free
Protect your business for 30 days on Imperva.