POWERED BY
INTELLIGENT BRANDS // Enterprise Security
FireEye: Staying ahead
of cyberthreats
/////////////////////////////
With an ever-evolving threat landscape, enterprises
always need to be one step ahead of cyber attackers.
In the company’s report Looking Ahead: Cybersecurity
in 2018, FireEye’s Chief Security Officer Steve Booth
shares his predictions for the months ahead, with some
tips on what organisations can do to minimise risk and
stay ahead of threats.
On what the threat landscape will
look like:
I’m sure there’s going to be yet another
round of fun, new, interesting attacks, but I
think the uglier ones are going to be modified
versions of current attacks. For instance,
for attacks targeting employees, first it was
phishing and then it was spear phishing. In
2018, we’ll be seeing more attacks targeting
social media accounts and more attacks
targeting personal email accounts.
www.intelligentcio.com
This is where organisations could get
into trouble because, as a company, they
may not even know that they have to
defend against attacks targeting those
personal accounts.
Compromising employees to cause damage;
there are all kinds of other new and creative
ways of doing that.
We’re working on something right now that
gets into malicious publishing of applications,
where an employee clicks ‘yes’ on their phone
just once and then they have a malicious app
that can do SAML assertions.
Permissions pose another challenge. There
could be 800 different places people can set
permissions, or ‘mis-set’ permissions, such
as using a popular platform such as Amazon.
Any single one of those platforms can
become an attack surface.
On whether threat actors are
‘borrowing and stealing’ the best
techniques out there:
Sometimes threat actors will just buy the
technology. So either they are acquiring
the skills based on what they’re learning
from certain individuals or reading from
various message boards, or they are just
saying, ‘forget it, why exert the effort? I’ll
just go buy some commercially available
piece of malware’.
INTELLIGENTCIO
79