为什么在家工作政策成了网络罪犯的淘金热

The chart below shows the alarming rise of companies searching for help with "高级钢笔测试服务" recently.  What caused the sudden uptick in searches from companies needing more sophisticated pen testing after June 2020?

The answer lies in the rapid redistribution of America's employee base from traditional offices to home offices. 随着2019冠状病毒病限制措施在2020年蔓延, the workforce found themselves mired in the challenges of working remotely. 许多人在自己的设备或个人电脑上工作. IT departments struggled to fill the demand for laptops and other company-approved equipment and were granted remote access to company data.

Most remote workers began to access customer and company data from their personal devices connected to their home networks, 其他居家家庭成员使用的同一网络. Security teams lacked visibility into these home networks and needed more resources to monitor the new adequately and hastily expanding attack surfaces.

Malicious threat actors quickly took note of these new opportunities that had materialized virtually overnight. Suddenly, in the rush of establishing countless home networks and new cloud environments, these smaller and less secure networks across the country become easy and plentiful targets through compromised devices and networks.

考虑下面的发现 Forrester的2021年9月报告, Beyond Boundaries: The Future Of Cybersecurity In the New World of Work, 安全和商业领袖报告风险增加的原因是:

• 80%的业务关键功能迁移到云
• 80%支持远程工作
• 61%的人扩大了冰球突破豪华版试玩的软件供应链
• 59%的人将非业务关键功能转移到云端

实现零信任架构

根据Atlas VPN 2021年9月的一份报告, “勒索软件攻击在2021年上半年上升了151%, 与2020年同期相比." Weaknesses exposed in home networks (including connectivity and underlying infrastructure) contributed to the unprecedented increase in the number and severity of these types of attacks.

为自己辩护, many organizations have begun implementing a zero-trust architecture to help better secure network environments transformed and weakened by the remote workforce.

Zero Trust & 先进的钢笔测试-领先于安全风险

即使您的组织已经开始了“零信任”的旅程 高级敌方模拟(AAS) will test your existing security controls to ensure your infrastructure, people, 流程是在保护你最宝贵的资产. 

An AAS team performs covert cyber red teaming to identify critical security weaknesses and tests security control assurance and capabilities. The goal is to gain unauthorized access into the targeted IT system(s), 建立持久性, 并展示了访问敏感数据的能力 evading detection. 了解您的网络是否在监视, firewalls, 端点安全工具, SIEM, and other security tools are properly deployed is just as critical as understanding whether your team is responding appropriately to the alerts. 

At the end of an 先进的对手模拟, the security team will have spent weeks 占据了攻击者的思想 收集了大量的数据. Results collected during these simulations are then compiled into actionable reports which reveal your organization's susceptibility to such elevated cyber-attacks designed to obtain your most sensitive information and the potential impact. 这些全面的报告清楚地显示了发现的情况, 它是如何被发现并提供详细信息的, 经过验证的补救建议. Reports are typically supported with evidence in the form of narratives, screen captures, and detailed drawings indicating the times and paths of the simulated attacker. 

先进的对手模拟作为一种主动措施

Using an advanced penetration service like 先进的对手模拟, 你会发现如果你有:

• 为你的保护表面正确地实现控制
• 正确配置您的分段网关
• 有效部署零信任架构

Listen to Security Consultant Brian Halbach answer questions on how organizations can be proactive and utilize advanced adversary simulation services to protect their security.

Q: What are some new defensive tactics to protect organizations against advanced emerging threats?

Brian: There are a number of new tools out there and kind of security philosophies. 你会听到更多关于零信任的出现, 数字化向云的转变, which can also increase security when done properly and done correctly.

Having multiple security tools that you can rely on and, importantly, having a well-trained staff 知道如何使用这些新的安全工具的人很棒. 如果你有最好的工具, 但你不会让任何人坐在那里监视他们, 他们可能一整天都在发出警报, and then, yup, 你可能知道攻击者可能在那里, but then 你要怎么阻止他们?

So yeah, one of the best things to do is to invest in the tools and the proper training so that your company can stay secure.

Q: Are advanced adversary simulations an affordable option for organizations ready to take their existing security program to the next level?

Brian: Yes, this is generally an affordable option if you're investing in your security. It's one of those things where you need to be sure that what you've just invested in for your cloud security on-premise security is actually working. Yes, 您可能已经安装了它，它可能已经启动并正在运行, 你可以看到它在做一些事情. 但是你怎么知道当你有一个 advanced attack hit you? Or how do you know what an advanced attack is going to look like now that you have all these defenses in place? 

所以最好的准备方法之一就是, 冰球突破豪华版试玩的防御措施起作用了，是的, 这就是为什么冰球突破豪华版试玩知道冰球突破豪华版试玩可以看到一个先进的攻击正在发生, is to have an 外部安全公司 来做一个模拟，这样你就能看到, all right, 试试所有的攻击因素, see what can stick, 看看冰球突破豪华版试玩的弱点在哪里, 看看冰球突破豪华版试玩可以改进的地方.