Intelligent CISO Issue 68 | Page 28

Good defences not only protect but they impose a cost on criminals . criminal to have penetrated a network until they detonate their final malware has reduced from 10 days in 2022 to eight days in the first six months of 2023 . If this decline continues , we will need to be even faster at both detection and response than ever before to prevent increasingly costly incidents .
Another takeaway from 2023 is we have no time to waste when defending our information .
If we leave the doors and windows unlocked , we should expect to find intruders among us .
editor ’ s question

?

ne old truth we

O learned this year has more nuance than we might have anticipated ; it is how lazy criminals are and yet quick to take advantage of things that increase their successes . Observing the last 18 months of cases handled by Sophos Incident Response Services , we see the criminals waver back and forth between using stolen credentials and exploiting unpatched vulnerabilities as the winds of security fates blow in either direction .

In the end , why bother doing the hard part if your potential victims will make it easy for you . It ’ s no surprise that the easiest way is the favourite way , but to see it so directly tied to the availability of high-profile exploits ( easiest ) and their scarcity force criminals to step up to credential theft provides useful information for us to use in crafting a defence . One , we should spend more time on patching externally vulnerable systems . Two , we should require Multi- Factor Authentication on all externally referenceable systems . Lastly , for every action we take , we can raise the cost of our attackers to gain an initial foothold . Good defences not only protect but they impose a cost on criminals .
Another takeaway from 2023 is we have no time to waste when defending our information . The median time for a

Good defences not only protect but they impose a cost on criminals . criminal to have penetrated a network until they detonate their final malware has reduced from 10 days in 2022 to eight days in the first six months of 2023 . If this decline continues , we will need to be even faster at both detection and response than ever before to prevent increasingly costly incidents .

Another takeaway from 2023 is we have no time to waste when defending our information .

How are the criminals getting faster ? They are becoming more specialised at specific tasks and working in ever larger , complex networks to achieve their goals . With the large sums of money , many of the groups can hire increasingly talented co-conspirators to breach our defences .
The biggest lesson of 2023 is that everything that was wrong , still is wrong . While we have solved the problem of Flash and Java being exploited to compromise our PCs and we use TLS to encrypt nearly all of our Internet traffic , there is still a lot of low-hanging fruit .
If we leave the doors and windows unlocked , we should expect to find
CHESTER WISNIEWSKI , DIRECTOR , FIELD CTO , SOPHOS

If we leave the doors and windows unlocked , we should expect to find intruders among us .

intruders among us . The work we have done to improve our security as a community is working and the evidence supports that . Now we must continue to build on those improvements to make it increasingly more difficult and expensive for thieves to take advantage . Fast and complete patching will go a long way ; along with stronger authentication , 24 / 7 monitoring and remediation capabilities . On to 2024 , onwards and upwards !
28 www . intelligentciso . com