• About US
  • Terms of use
  • Cookie Policy
  • Privacy Policy
  • Advertising guide
No Result
View All Result
BBG Architecture Life
  • Architecture
  • Design
  • Interiors
  • Technology
  • Trends
  • Projects
  • Collections
  • Education
  • House
  • Restaurant
  • Greenhouse
  • Hotel
BBG Architecture Life
  • Interiors

    Miami Beach residence by SAOTA takes indoor-outdoor living to the extreme

    Vision unveiled for London school powered by Thames tide

    Erasmus exchange programme could remain open to UK students after Brexit

    Sou Fujimoto creates ornate bookshelves for Basel installation

    Frank Lloyd Wright merged eastern and western architecture at Tokyo’s Imperial Hotel

    Drone footage captures brutalist Robin Hood Gardens ahead of imminent demolition

    Dan Brunn renovates Frank Gehry-designed LA house for an illustrator

  • Design
    Screen Shot 2019-10-14 at 8.49.03 AM

    The Design Spark 2019 Product Showcase Set to Show Innovations Around Independent Living | Best Brothers Group of Companies

    Ho (left) and Chang sharing EcoWorld’s future plans at the Eco Sanctuary Gallery. (Photos by Low Yen Yeing/EdgeProp.my)

    Malaysia: Universal Design for EcoWorld’s Future Projects | Best Brothers Group of Companies

    A computer model of one of the accessible homes.

    How Gaming Technology is Helping Design More Accessible Homes | Best Brothers Group of Companies

    New Universal Design Guide Aims to make Public Spaces Pleasant for All | Best Brothers Group of Companies

    New Universal Design Guide Aims to make Public Spaces Pleasant for All | Best Brothers Group of Companies

    University Students Design Wheelchair Hand Warmer for Persons with Muscular Dystrophy | Best Brothers Group of Companies

    University Students Design Wheelchair Hand Warmer for Persons with Muscular Dystrophy | Best Brothers Group of Companies

    The Home Innovation Challenge

    UK-based Design Council Focuses on Accessible Home Innovation   | Best Brothers Group of Companies

    Private Transport Provider to Offer an Inclusive Experience in Malta   | Best Brothers Group of Companies

    Autonomous Vehicle Design Should Benefit Broader Group of Potential Drivers   | Best Brothers Group of Companies

    Ikea to Use 3-D Printing to Make Furniture More Accessible for Persons with Disabilities   | Best Brothers Group of Companies

    Ikea to Use 3-D Printing to Make Furniture More Accessible for Persons with Disabilities   | Best Brothers Group of Companies

    Toyota Improves Universal Design Taxicab for Quicker Wheelchair Access   | Best Brothers Group of Companies

    Toyota Improves Universal Design Taxicab for Quicker Wheelchair Access   | Best Brothers Group of Companies

  • Technology
    Dahua USA Releases New LincX2PRO Line Linking Homes with Professional Systems – Dahua Technology USA Inc | Best Brothers Group of Companies

    Dahua USA Releases New LincX2PRO Line Linking Homes with Professional Systems – Dahua Technology USA Inc | Best Brothers Group of Companies

    Dahua Helps Retail Operations Run Smoothly – Dahua Technology USA Inc | Best Brothers Group of Companies

    two people seated on a table and signing agreements Two people standing behind them on a stage.

    Mada Assistive Technology Centre Signs MoU with Korea Trade Promotion Agency | Best Brothers Group of Companies

    A computer model of one of the accessible homes.

    How Gaming Technology is Helping Design More Accessible Homes | Best Brothers Group of Companies

    Government of Canada Announces New Accessible Technology Program Funding Recipients | Best Brothers Group of Companies

    Dahua Technology USA Announces Product Lineup for GSX 2019 – Dahua North America | Best Brothers Group of Companies

    Dahua Technology Partners with Pepper to Bring Heightened Security to Its Video IoT Devices – Dahua North America | Best Brothers Group of Companies

    Dahua Technology Partners with Pepper to Bring Heightened Security to Its Video IoT Devices – Dahua North America | Best Brothers Group of Companies

    India: Assistive Technology for All 2030 Conference Focuses in Infrastructure, Assistive Devices | Best Brothers Group of Companies

    India: Assistive Technology for All 2030 Conference Focuses in Infrastructure, Assistive Devices | Best Brothers Group of Companies

    Private Transport Provider to Offer an Inclusive Experience in Malta   | Best Brothers Group of Companies

    National Federation of the Blind Applauds Introduction of Greater Access and Independence through Nonvisual Access Technology (GAIN) Act | Best Brothers Group of Companies

  • Projects
    Ho (left) and Chang sharing EcoWorld’s future plans at the Eco Sanctuary Gallery. (Photos by Low Yen Yeing/EdgeProp.my)

    Malaysia: Universal Design for EcoWorld’s Future Projects | Best Brothers Group of Companies

    European Commission Provides 20 Cities with Funding for Innovative Projects on Inclusion  | Best Brothers Group of Companies

    European Commission Provides 20 Cities with Funding for Innovative Projects on Inclusion  | Best Brothers Group of Companies

    The Portland Art & Learning Studio Encourages Diverse Projects by Artists with Disabilities | Best Brothers Group of Companies

    The Portland Art & Learning Studio Encourages Diverse Projects by Artists with Disabilities | Best Brothers Group of Companies

    Yoocan Seeks Collaborative Partners, Highlights Projects at Naidex 2019   | Best Brothers Group of Companies

    Yoocan Seeks Collaborative Partners, Highlights Projects at Naidex 2019   | Best Brothers Group of Companies

    Vision unveiled for London school powered by Thames tide

    Climate change forces emergency repairs to “failsafe” Arctic seed vault

    Grenfell Tower fire deaths raise questions about safety of post-war renovations

    Santiago Calatrava’s World Trade Center Oculus continues to leak

    Note Design and Afteroom hack IKEA kitchens to make living room furnishings for Reform

No Result
View All Result
BBG Architecture Life
No Result
View All Result
Home BBG

The More Cybersecurity Changes, the More It Stays the Same

Admin by Admin
October 29, 2019
in BBG
0 0
0
The More Cybersecurity Changes, the More It Stays the Same
340
SHARES
2k
VIEWS
Share on FacebookShare on TwitterShare on Google Share on Linkedin
The More Cybersecurity Changes, the More It Stays the Same


By Neill Sciarrone, President & Co-Founder, Trinity Cyber, Inc.


Despite major advancements in technology, the global approach to cybersecurity has remained the same for decades: respond and recover. The same vulnerabilities are repeatedly exploited in similar ways, and this trend shows no signs of slowing because current security tools do not actually address the root causes of attacks. Even new artificial intelligence and machine learning techniques have mostly been aimed at improving response efficiency – as though there is nothing we can do but prepare for the worst, and recover as quickly as possible. To slow the frequency of dangerous and costly cyberattacks, companies should be shifting their efforts towards focusing on adversary disruption.


 


Cyberattacks – and how we respond to them – have not changed in two decades


In May 2000, one unwitting user on a computer in the Philippines used Microsoft Outlook to open an email message with the subject line “ILOVEYOU” and an attached file named “LOVE-LETTER-FOR-YOU.txt.” The attachment contained malicious code – a worm that moved through the user’s computer, overwriting random files and sending an email with a copy of itself to every address in the user’s Windows Address Book. Just ten days later, the ILOVEYOU worm had spread around the world, infecting over 50 million computers. Far from spreading love, the worm caused more damage than any previous cybersecurity incident: an estimated US $5.5-8.7 billion worldwide.[i]


Seventeen years later, Microsoft announced a vulnerability within a resource-sharing protocol in widespread use across versions of the ubiquitous Windows XP operating system. They quickly released a patch to fix the vulnerability, but countless systems had not been patched by the time the WannaCry ransomware attack began two months later. WannaCry eventually affected more than 200,000 computers across 150 countries and caused estimated damages ranging from hundreds of millions to billions of dollars.[ii]


Despite significant changes to the state of technology and the Internet between 2000 and 2017, these two cyberattacks were very similar to each other. Both propagated by using relatively simple vulnerabilities in Microsoft operating systems, and both were successful because of a lack of proactive cybersecurity.


Not only do the same kinds of attacks continue to work, responses to cyberattacks have not changed much either. With all our advances in technology, cybersecurity is generally still focused on response and recovery: identify the infected computers, take them offline, rebuild or replace them, file a data breach disclosure, rinse, and repeat.


Is the issue that it is impossible to defend against these vulnerabilities? Are hackers just too smart? Not necessarily. Response and recovery treats cyberattacks like natural disasters – inevitable, unstoppable, and caused by forces outside our control. Meanwhile, adversaries continue to enjoy the fruits of their illicit labors. Popular methods of attack remain consistently successful because cybersecurity has failed to evolve to a posture of true prevention.


 


A needed evolution


The continued success of these cyberattack methods (and others) hinge on exploiting a limited number of key vulnerabilities that are commonly known to good and malicious actors alike. So, why are they still effective? The answer is that current standard cybersecurity methods are designed to respond to incidents but rarely, if ever, actively disrupt the adversary’s attempted attack. For example, cyberattacks or intrusions are generally handled via alerting after a breach has already occurred. The alert triggers a cybersecurity team to go in and clean up the affected systems, and then set up or modify a firewall to block future attacks. Afterwards, companies are required by law to file a data breach notification.


The most common approach to blocking attacks involves analyzing past and current threats, and then distilling the results into indicators of compromise (IoC), such as IP addresses, domain names, or hashes of known bad files. These IoCs are then fed into available cybersecurity tools, which are wielded like a giant hammer, blocking or denying any traffic associated with them.


This method aims to prevent attacks that are exactly like prior attacks. This perpetuates the problem however, as hackers know about these protection methods and adjust. Subsequent attacks are designed to differ just enough from prior attacks to elude being blocked and ensure they avoid the new protections. This process is repeated time and time again. The cybersecurity industry is almost entirely locked in this detect-respond-recover approach, with little to no effort being made to actually prevent cyberattacks in the first place.


 


Embrace a new approach to stem the flow of cyberattacks


Rather than treat the cyber threat like a natural disaster, the cybersecurity industry needs to embrace a fundamentally new approach. Instead of relying solely on insufficient incident response and recovery methods that have been used for many years, a more sophisticated, proactive approach is needed to successfully prevent current cyberattacks and to predict and prevent future ones on a meaningful scale.


Operational challenges in the cyber realm have been exacerbated by an ever-growing landscape of disparate endpoints, heightened sophistication of cyber-attackers, and an increasing number of cybersecurity tools. While these challenges led to the development and implementation of SOAR platforms, which add efficiencies, most tools remain inherently “reactive.”


Cyberattacks or attempts at compromising a system are human-made events within a human-made environment. By focusing on disrupting the adversary’s methods, analysts can determine tactics, techniques, and procedures (TTP) and then use those to develop solutions that provide truly preventive cybersecurity.


Proactive Threat Interference from Trinity Cyber works to provide this preventive assurance by invisibly monitoring threats outside a network’s perimeter and adapting to the adversary’s techniques to intercept and neutralize cyberattacks before they get in.




[i] https://computer.howstuffworks.com/worst-computer-viruses2.htm


[ii] https://www.cbsnews.com/news/wannacry-ransomware-attacks-wannacry-virus-losses/

Did you Enjoy this Article?

Check out our free e-newsletters
to read more great articles.

Subscribe Now

The More Cybersecurity Changes, the More It Stays the Same


By Neill Sciarrone, President & Co-Founder, Trinity Cyber, Inc.


Despite major advancements in technology, the global approach to cybersecurity has remained the same for decades: respond and recover. The same vulnerabilities are repeatedly exploited in similar ways, and this trend shows no signs of slowing because current security tools do not actually address the root causes of attacks. Even new artificial intelligence and machine learning techniques have mostly been aimed at improving response efficiency – as though there is nothing we can do but prepare for the worst, and recover as quickly as possible. To slow the frequency of dangerous and costly cyberattacks, companies should be shifting their efforts towards focusing on adversary disruption.


 


Cyberattacks – and how we respond to them – have not changed in two decades


In May 2000, one unwitting user on a computer in the Philippines used Microsoft Outlook to open an email message with the subject line “ILOVEYOU” and an attached file named “LOVE-LETTER-FOR-YOU.txt.” The attachment contained malicious code – a worm that moved through the user’s computer, overwriting random files and sending an email with a copy of itself to every address in the user’s Windows Address Book. Just ten days later, the ILOVEYOU worm had spread around the world, infecting over 50 million computers. Far from spreading love, the worm caused more damage than any previous cybersecurity incident: an estimated US $5.5-8.7 billion worldwide.[i]


Seventeen years later, Microsoft announced a vulnerability within a resource-sharing protocol in widespread use across versions of the ubiquitous Windows XP operating system. They quickly released a patch to fix the vulnerability, but countless systems had not been patched by the time the WannaCry ransomware attack began two months later. WannaCry eventually affected more than 200,000 computers across 150 countries and caused estimated damages ranging from hundreds of millions to billions of dollars.[ii]


Despite significant changes to the state of technology and the Internet between 2000 and 2017, these two cyberattacks were very similar to each other. Both propagated by using relatively simple vulnerabilities in Microsoft operating systems, and both were successful because of a lack of proactive cybersecurity.


Not only do the same kinds of attacks continue to work, responses to cyberattacks have not changed much either. With all our advances in technology, cybersecurity is generally still focused on response and recovery: identify the infected computers, take them offline, rebuild or replace them, file a data breach disclosure, rinse, and repeat.


Is the issue that it is impossible to defend against these vulnerabilities? Are hackers just too smart? Not necessarily. Response and recovery treats cyberattacks like natural disasters – inevitable, unstoppable, and caused by forces outside our control. Meanwhile, adversaries continue to enjoy the fruits of their illicit labors. Popular methods of attack remain consistently successful because cybersecurity has failed to evolve to a posture of true prevention.


 


A needed evolution


The continued success of these cyberattack methods (and others) hinge on exploiting a limited number of key vulnerabilities that are commonly known to good and malicious actors alike. So, why are they still effective? The answer is that current standard cybersecurity methods are designed to respond to incidents but rarely, if ever, actively disrupt the adversary’s attempted attack. For example, cyberattacks or intrusions are generally handled via alerting after a breach has already occurred. The alert triggers a cybersecurity team to go in and clean up the affected systems, and then set up or modify a firewall to block future attacks. Afterwards, companies are required by law to file a data breach notification.


The most common approach to blocking attacks involves analyzing past and current threats, and then distilling the results into indicators of compromise (IoC), such as IP addresses, domain names, or hashes of known bad files. These IoCs are then fed into available cybersecurity tools, which are wielded like a giant hammer, blocking or denying any traffic associated with them.


This method aims to prevent attacks that are exactly like prior attacks. This perpetuates the problem however, as hackers know about these protection methods and adjust. Subsequent attacks are designed to differ just enough from prior attacks to elude being blocked and ensure they avoid the new protections. This process is repeated time and time again. The cybersecurity industry is almost entirely locked in this detect-respond-recover approach, with little to no effort being made to actually prevent cyberattacks in the first place.


 


Embrace a new approach to stem the flow of cyberattacks


Rather than treat the cyber threat like a natural disaster, the cybersecurity industry needs to embrace a fundamentally new approach. Instead of relying solely on insufficient incident response and recovery methods that have been used for many years, a more sophisticated, proactive approach is needed to successfully prevent current cyberattacks and to predict and prevent future ones on a meaningful scale.


Operational challenges in the cyber realm have been exacerbated by an ever-growing landscape of disparate endpoints, heightened sophistication of cyber-attackers, and an increasing number of cybersecurity tools. While these challenges led to the development and implementation of SOAR platforms, which add efficiencies, most tools remain inherently “reactive.”


Cyberattacks or attempts at compromising a system are human-made events within a human-made environment. By focusing on disrupting the adversary’s methods, analysts can determine tactics, techniques, and procedures (TTP) and then use those to develop solutions that provide truly preventive cybersecurity.


Proactive Threat Interference from Trinity Cyber works to provide this preventive assurance by invisibly monitoring threats outside a network’s perimeter and adapting to the adversary’s techniques to intercept and neutralize cyberattacks before they get in.




[i] https://computer.howstuffworks.com/worst-computer-viruses2.htm


[ii] https://www.cbsnews.com/news/wannacry-ransomware-attacks-wannacry-virus-losses/

Did you Enjoy this Article?

Check out our free e-newsletters
to read more great articles.

Subscribe Now

© 2019, Best Brothers Group. All rights reserved.

Tags: cybersecurityStays
Admin

Admin

Canada 🇨🇦

0
Confirmed
0
Deaths
0
Recovered

Stay Connected

  • 1.4k Fan
  • 3 Follower
  • 35 Follower
  • 131 Follower

Popular Post

    Follow Our Page


    For all queries regarding print editions of BBG Architecture Life, including change of address, change of payment details requests and back issues, please contact +1-888-224-8688. Email: [email protected]
    • About US
    • Terms of use
    • Cookie Policy
    • Privacy Policy
    • Advertising guide

    Recent News

    Nova Scotia, feds investing $3.1M for construction of viewing deck on Peggy’s Cove shore - Halifax

    Nova Scotia, feds investing $3.1M for construction of viewing deck on Peggy’s Cove shore – Halifax

    January 15, 2021
    • Best Brothers Group
    • BBG Security Cameras
    • BBG Hub Home Automation
    • BBG Renovations
    • BBG Construction
    • BBG Business Partnership
    • BBG I/O Marketing
    • Security Cameras GK
    • Automatic Door Depot
    • About US
    • Terms of use
    • Cookie Policy
    • Privacy Policy
    • Advertising guide

    © 2018 BBG Architecture Life - supports the architecture industry on a daily news by Best Brothers Group.

    No Result
    View All Result
    • Interiors
    • Design
    • Technology
    • Projects

    © 2018 BBG Architecture Life - supports the architecture industry on a daily news by Best Brothers Group.

    Login to your account below

    Forgotten Password?

    Fill the forms bellow to register

    All fields are required. Log In

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In