Security News > 2024 > March > How new and old security threats keep persisting
Security leaders recognize that the pattern of buying new tech and the frantic state of find-fix vulnerability management is not working, according to Cymulate.
Rather than waiting for the next big cyberattack and hoping they have the right defenses in place, security leaders are now more than ever implementing a proactive approach to cybersecurity by taking action to identify and address security gaps before attackers find and exploit them.
The research highlights the correlation of threat exposures from vulnerabilities, misconfigurations and other weaknesses with both threat activity and the security controls designed to mitigate the threats.
On average, 75% of web application firewalls demonstrated their ability to block exploits of the Log4Shell vulnerability, while endpoint security and web gateway protection showed security effectiveness from 62% to 89% to protect against post-exploit threat activity in these campaigns.
"This new research underscores the critical insights that exposure management and security validation solutions can provide for today's businesses," said Avihai Ben Yossef, Cymulate CTO. "As new attack tactics emerge and adversaries continue to make use of existing vulnerabilities, businesses cannot afford to be reactive. They need to proactively gauge the effectiveness of their security solutions, identify where gaps exist and take the necessary action to limit their risk and mitigate their exposure. We are encouraged to see a growing number of organizations adopting the exposure management and security validation tools needed to improve their security posture."
These findings serve as an important reminder that today's organizations must ensure they have strong security fundamentals in addition to preparing for new and emerging threats.
News URL
https://www.helpnetsecurity.com/2024/03/08/security-leaders-proactive-approach/
Related news
- AWS security essentials for managing compliance, data protection, and threat detection (source)
- Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority (source)
- MUT-1244 targeting security researchers, red teamers, and threat actors (source)
- Deloitte says cyberattack on Rhode Island benefits portal carries 'major security threat' (source)
- Are threat feeds masking your biggest security blind spot? (source)
- Week in review: MUT-1244 targets both security workers and threat actors, Kali Linux 2024.4 released (source)