Intelligent CISO Issue 45 | Page 39

FEATURE into an organisation ’ s network after carrying out an initial breach .
Next year , we will see attackers ramp up the lateral movement concept for internal networks to new levels , even after the Russia-linked REvil Ransomware-asa-Service group leveraged Kaseya ’ s network management and remote control software .
Hackers were able to move not only within Kaseya ’ s network , but extend its reach to its customers .
Having seen the success of this attack , hackers will soon apply it to an entire partner network using misconfigured APIs , allowing them access from the Internet into a company ’ s environment .
CISOs will need to get ahead of this . Proactive measures such as a comprehensive Security Information and Event Management ( SIEM ) platform are what ’ s needed to combat this , not defensively reacting after it starts to infiltrate systems and cause irreparable damage .
A plan for CISOs
After well over a year of adapting to this new environment , CISOs have already made huge strides in creating new plans and processes to enable enhanced protection . They recognised the need to adapt and acted on it , using unseen levels of automation and innovation to do so .
In 2022 , CISOs will need to fight for their voice to be heard among the C-suite , which will allow them to implement more sophisticated defence strategies to mirror the increasing sophistication of the methods used by hackers . The working environment will continue to change , but with thorough preparation , CISOs can continue doing what they do best : protecting their business . u www . intelligentciso . com