Yaron Kassner, Co-Founder and CTO of Silverfort, spoke to Technology magazine about how businesses can develop cyber resilience.
Keeping up with the latest attack patterns from malware groups has always been a top security priority. But while it is essential to understand how cyber criminals gain initial access, it has become increasingly important to focus on what happens after this – understanding how they move from one machine to another.
Technology Magazine asked Yaron how ransomware attackers use lateral movement to attack an organisation and what can be done to ensure cyber resilience.
How can any organisation strengthen their cyber resilience against lateral movement attacks?
Lateral movement used to be the preserve of highly resourced attack groups but, as with anything in cybersecurity, has become commoditized. First, organisations need to realise this and build lateral movement prevention into wider risk reduction strategies.
Next, they need visibility of such attacks. Until now, this has been a challenging task because spotting malicious access requests has been difficult. However, it is now possible to apply risk-based analysis to identity data to spot the anomalies which are a marker of threat actors. This ultimately means understanding what constitutes a ‘normal’ baseline for identity, and then monitoring for things like abnormal volumes and types of requests.
Most importantly, they can apply proactive rules and policies to act as gatekeepers around sensitive resources. This can come in the form of an MFA request designed to ensure that only the right person is allowed to access the asset in question.
To read the full article, click here.