Cyber threat anticipation

Issue 7 2023 Information Security, Security Services & Risk Management


Armand Kruger.

In a digitally connected world, the war against cyber threats has never been more critical – or ferocious. The ever-increasing number of sophisticated attacks on the horizon means organisations must evolve and adapt their cybersecurity strategies to protect their data, systems, and reputation. NEC XON is at the forefront of this fight, pioneering innovative approaches to enhance cyber defence and resilience.

Recent findings from the Microsoft Digital Defence Report have unveiled some alarming statistics. Human-operated ransomware attacks have surged by 200%, and it is not just large corporations in the crosshairs. Small and medium-sized businesses with fewer than 500 employees represent 70% of the organisations hit by these malicious attacks. Password-based attacks have also witnessed a significant spike, underscoring the need for organisations to adapt and prepare for the ever-evolving cyber threat landscape.

NEC XON’s cybersecurity strategy foundation lies in the core principles of threat detection, response, and anticipation. Its proactive approach to threat anticipation is the new frontier of defence, where it calibrates its readiness based on known vulnerabilities and observed attack techniques. This approach empowers it to reduce risk gradually while fostering business transformation and innovation.

A real-world example

Consider this scenario: Organisation A falls victim to a cyberattack due to a compromised credential to access its customer infrastructure via VPN without Multi-Factor Authentication (MFA).

Threat anticipation is observing the attack tactics, going to all customers and partners and assisting them to enable MFA on VPN via a unified identity-centric strategy that is centrally controlled.

Threat detection is detecting an attempt to log into the VPN via a compromised credential, but it was mitigated by MFA and additional controls applied as part of the identity-centric architecture.

Threat response is disabling the compromised identity, changing its password and limiting its ability to log into any business application, protecting business assets and maintaining cyber resilience.

The role of cyber innovation

The ability to innovate cyber strategy is crucial in a landscape where cyber threats are prolific. NEC XON adopts an adversary-centric mentality, allowing it to view our customers’ organisations through the eyes of modern adversaries. By anticipating attack opportunities in the process of threat modelling and mapping them against current safeguards, the company can pre-emptively strengthen defences. Here is a cheat sheet with some key tactics to remember.

Key tactics for cyber resilience

• Map and reduce your perimeter: Identify and secure all potential entry points for adversaries, from VPNs to public-facing systems and login interfaces with no MFA.

• Architecturally redesign your infrastructure: Implement network segmentation to limit lateral movement within your network and gain control over adversary pathways.

• Adopt a unified and identity-centric approach: Strengthen identity and access management (IAM) solutions to ensure MFA across the entire network.

• Reinforce privileged access control: Prioritise securing privileged access to seal off unauthorised pathways and closely monitor authorised access.

• Prioritise basic cyber hygiene controls: Implement fundamental cyber hygiene practices, such as changing default credentials and reducing over-privileged users and groups.

• Build a robust incident response plan: Prepare for cyber incidents with a well-defined response plan that includes communication, coordination, and testing.

• Use a vigorous XDR solution: Implement extended detection and response (XDR) to correlate signals from various security products and execute rapid threat response actions.

• Maintain tested and isolated backups: Regularly back up critical data and applications, isolate them from the production environment, and test their restoration.

• Educate and guide the board of directors: Ensure the board understands the evolving cyber risks and aligns cybersecurity investment with a defence-centric strategy.

Cybersecurity is no longer just a matter of implementing security tools and services; it requires a holistic, proactive approach incorporating threat anticipation, innovative thinking, and a solid defence-centric strategy. NEC XON is at the forefront of this paradigm shift, leading the way in preparing for the cybersecurity challenges of tomorrow. In a world where cyber threats continue to evolve, its approach to threat anticipation is the first line of defence.


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
From QR code to compromise
Information Security News & Events
A new attack vector involves threat actors using fraudulent QR codes emailed in PDF attachments to bypass companies' phishing security measures by requiring users to scan the code with their mobile phones.

Read more...
Boost revenue streams for MNOS
News & Events Security Services & Risk Management Financial (Industry)
ReveNet has introduced its new solution, designed to safeguard and potentially boost revenue streams in an increasingly challenging landscape for MNOS. The new platform combines advanced analytics and is built on trust, transparency, and sustainability principles.

Read more...
Organisations fear AI-driven cyberattacks, but lack key defences
Kaspersky Information Security News & Events Training & Education
A recent Kaspersky study reveals that businesses are increasingly worried about the growing use of artificial intelligence in cyberattacks, with 56% of surveyed companies in South Africa reporting a rise in cyber incidents over the past year.

Read more...
Vodacom Business unveils new cybersecurity report
Information Security IoT & Automation
Cybersecurity as an Imperative for Growth offers insights into the state of cybersecurity in South Africa, the importance of security frameworks in digital resilience and the latest attack methods adopted by cyberattackers.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
NIS2 compliance amplifies skills shortages and resource strain
Information Security Security Services & Risk Management
A new Censuswide survey, commissioned by Veeam Software reveals the significant impact on businesses as they adapt to this key cybersecurity directive, with 95% of EMEA businesses siphoning other budgets to try and meet compliance deadline.

Read more...
Know who’s spying on you
Kaspersky Information Security Products & Solutions
According to the latest State of Stalkerware report, 40% of the people surveyed worldwide stated they have experienced stalking or suspect they are being spied on. A solution for Android is now available.

Read more...
Cybersecurity needs 4,7 million professionals
Information Security
Despite all the efforts organisations worldwide put into preventing cyberattacks, global cybercrime has snowballed to $9,2 trillion in 2024 and is expected to grow by another 70% to $15,6 trillion by the end of a decade.

Read more...
SA company develops world-first safe K9 training for drug detection
Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...