Industry Insights with Mike Maddison

Breach Notification , Incident & Breach Response , Next-Generation Technologies & Secure Development

Cyber Threats Are Evolving

By working together, we can contribute to a safer world...
Cyber Threats Are Evolving

Having worked in cybersecurity for over twenty years, it’s fair to say that the threat landscape has evolved incredibly during that time. In fact, the threats businesses faced even a year ago are very different to those they are battling today.

It is a theme NCC Group has explored in its latest Growing Threats Insights – how cyber threats are changing, and how we need to adapt today to protect ourselves tomorrow.

Our research, including analysis from our industry-leading strategic threat intelligence teams and surveys of over 1,400 global cyber decision-makers, painted a clear picture…

  • Attacks are adapting in type, source and victims
  • Threat actors are shifting shape and deploying new methods
  • And specific industries – including industrials, financial services and technology – appear most at risk

It appears to be translating to threat and incident response – organizations appear more readily and rapidly able to respond. In our survey, 84% of those questioned said they can respond to attacks within a day, representing a 30% increase on previous years. However, only a third of businesses rated themselves as ‘very resilient’ against attack.

So, with business boundaries expanding in often ever-expanding ecosystems of customers, suppliers, partners and third parties, and our online and offline worlds intertwining, cybersecurity risks are becoming more complex to contend with. Whether employee fraud or a nation state attack, they are becoming increasingly complex and sophisticated, as are the IT systems on which they take place.

The main question is this: How do you scale incident response capabilities, while both speed and accuracy of an investigation are maintained, or even improved?

By open sourcing our Dissect software, we aim to collectively change the game in incident response. Working together to better protect our global tech infrastructure we’ve seen firsthand the benefits to incident response. And we want to share these benefits with the rest of the world.

Dissect supports the acquisition and analysis of hundreds of thousands of systems in mere hours. A modular system allows anyone with Python experience to use the concise API to adapt it to their own needs and create output to connect with a suitable platform.

Dissect will enable faster response times, helping to minimize the damage that cyber attacks can cause. Incident response currently involves organizations calling a trusted third party to deal with issues. However, attackers tend to take over a complete infrastructure, including on-premise and cloud systems. This means incident response can involve huge amounts of investigation with longer overall timelines. Dissect helps to ease these complexities by enabling analysis of thousands of systems in hours.

Incident response engagements also typically include a large, complex infrastructure that must be carefully examined. Furthermore, whilst making these examinations, investigators must remain undetected. Though most analysis tools are unable to reach these capacities, Dissect can.

Which is why we’ve taken the crucial decision to make this available to everyone. By sharing our strategic threat intelligence, research and expertise, we want to ultimately improve global incident response and work together to make the world safer and more secure.

Sign up for Insights and never miss any cyber advice, intelligence or events: www.nccgroup.com/insights.



About the Author

Mike Maddison

Mike Maddison

CEO, NCC Group

Mike was formerly head of EY’s cyber security, privacy, and trusted technology practice for EMEA, a role he has held since 2017. During that time Mike has successfully delivered strong growth across the 97 countries in the region and reinforced EY’s position as a leading Cyber Security adviser. Previously he led PwC’s Risk Services practice across the Middle East and before that was head of Deloitte’s cyber security consultancy in EMEA for ten years where he also drove significant growth.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.