
Lessons learnt from South Africa’s most recent cyber attacks: Lesson 3

The old paradigm of traditional cybersecurity programs has become outdated

In the past, having some sort of anti-virus installed and some sort of perimeter defence in place seemed to be enough to ease the cybersecurity worries of companies and organisations of all sizes. Quite apart from the fact that these technologies on their own have not been enough for quite some time, the entire mindset surrounding cybersecurity needs to shift. In these legacy approaches there were basically three strategies:

  • Throw more people at the problem, by hiring more incident responders.
  • To supplement incident responders, security teams have almost always leveraged some measure of automation via a host of pre-programmed response tools - from ‘next-gen’ firewalls and anti-virus solutions, through to Intrusion Prevention Systems and secure email gateways.
  • In recent years, security teams have sought to streamline integrations and automate workflows by deploying a range of orchestration solutions, which are designed to correlate insights from different tools and facilitate the creation of playbooks that the machine can execute on your behalf.

If an organisation is still heavily dependent on traditional tools that can't detect and respond to threats of all types, it will naturally need more people and process capabilities to manage in the current environment. However, if you start moving towards AI-based technologies that can detect and respond to threats of all types, your perspective on people and process changes. First, you achieve greater assurance from your technology that you will detect all threat types across your environment. You will then understand the capabilities for automating your response to these threats (achieving significant risk mitigation), and only thereafter will you be able to truly assess the new paradigm for people and process needs. AI technology allows security teams to do a lot more with their existing resources and focuses the requirement for any further investment (whether internal or outsourced).

Having experienced these limitations firsthand, forward-looking security teams are now opting for a more innovative approach - one which leverages AI-based technology to contain in-progress threats at machine-speed, without causing needless disruption to the business.



