Why security needs a step change to thwart cyber attacks amid surging innovation
As enterprise digitization accelerates to drive growth and meet customer expectations, it is vital that security leaders have the right tools and strategies to keep their businesses secure.
Take AI innovation for example. While its transformative impact is clear, security leaders must ensure these activities do not unwittingly widen “attack surfaces”.
Beyond AI threats, issues such as unpatched systems still contribute to a large percentage of security breaches.
Often, these vulnerabilities lead to preventable breaches. Industry estimates put the number of breaches due to unpatched systems at around 60%.
The UK government found that “weaknesses in cyber security systems, such as portals, unpatched servers, unpatched firewalls and insecure remote desktops were common vectors of attacks” leading, especially, to ransomware.
New vulnerabilities present a real and growing risk. In 2024, almost one in four vulnerabilities were exploited on or before the day they were publicly disclosed, according to research by VulnCheck.
Put to the test
To address these risks, enterprises need an effective vulnerability management strategy. This includes monitoring threat intelligence sources and running regular vulnerability scans. Organizations also need robust policies in place to ensure that vendors' software patches are applied promptly.
But for businesses to have a full picture of their vulnerabilities, they need to go further.
Conventional penetration testing (commonly called pentesting) is carried out by teams of security specialists.
Pentesting is effective, but as a manual process it is time-consuming, expensive, and sometimes disruptive to the business. The security consulting firm and CREST member SECFORCE calculates that this costs around £1,200 (€1,400) a day. Longer engagements can easily add up to significant fees.
Tests and scans must also be acted on. Unless the reporting process is linked to changes in the organization's security posture, the risks will remain.
Automated response
Increasingly, CISOs are turning to automation to detect threats more quickly and respond more effectively.
Vulnerability scanning, patch management and prioritization are areas where enterprises can reduce the workload on security teams through greater use of automation.
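The prioritization step mentioned here, and the point made under "Put to the test" that scan results must be acted on, can be made concrete with a small triage routine. The following is an added example, not code from the article, from T-Systems or from any product it describes. It takes a constructed list of scanner findings and ranks them by exploitation evidence (the factor VulnCheck's figure highlights), exposure and CVSS, assigns a patch deadline from an assumed SLA policy, and flags findings that have already breached it. The tier thresholds, SLA values and the `Finding` fields are assumptions; the CVE identifiers are placeholders.

```python
from dataclasses import dataclass
from datetime import date, timedelta

@dataclass
class Finding:
    """One scanner result. Field set is an assumption for this example."""
    host: str
    cve: str                 # placeholder identifier, not a real CVE
    cvss: float              # base score reported by the scanner
    exploited_in_wild: bool  # evidence from threat intelligence feeds
    internet_facing: bool    # asset exposure from inventory data
    first_seen: date         # date the scanner first reported it
    patch_available: bool    # vendor fix published

# Assumed patch-SLA policy: days allowed per priority tier (not from the article)
SLA_DAYS = {"P1": 7, "P2": 14, "P3": 30, "P4": 90}

def priority(f: Finding) -> str:
    """Assign a tier; active exploitation and exposure outrank raw CVSS."""
    if f.exploited_in_wild and f.internet_facing:
        return "P1"
    if f.exploited_in_wild or (f.internet_facing and f.cvss >= 9.0):
        return "P2"
    if f.cvss >= 7.0:
        return "P3"
    return "P4"

def risk_score(f: Finding) -> float:
    """Simple additive score used only for ordering within the worklist."""
    score = f.cvss
    if f.exploited_in_wild:
        score += 3.0
    if f.internet_facing:
        score += 2.0
    return score

def sla_deadline(f: Finding) -> date:
    """Remediation deadline derived from first sighting and the tier's SLA."""
    return f.first_seen + timedelta(days=SLA_DAYS[priority(f)])

def triage(findings, today: date):
    """Return a worklist sorted by risk, each row carrying tier, deadline and overdue flag."""
    rows = []
    for f in findings:
        deadline = sla_deadline(f)
        rows.append({
            "host": f.host,
            "cve": f.cve,
            "tier": priority(f),
            "score": risk_score(f),
            "deadline": deadline.isoformat(),
            "overdue": today > deadline,
            # Findings without a vendor fix still need an owner and a compensating control
            "action": "apply patch" if f.patch_available else "mitigate (no patch yet)",
        })
    rows.sort(key=lambda r: (-r["score"], r["deadline"]))
    return rows

def overdue(findings, today: date):
    """Subset of the worklist that has breached its SLA: the items reporting must escalate."""
    return [r for r in triage(findings, today) if r["overdue"]]

# Constructed sample findings (hosts and CVE ids are placeholders)
TODAY = date(2025, 3, 1)
SAMPLE = [
    Finding("web-01", "CVE-0000-0001", 8.1, True,  True,  date(2025, 2, 10), True),
    Finding("db-02",  "CVE-0000-0002", 9.8, False, False, date(2025, 2, 20), True),
    Finding("vpn-01", "CVE-0000-0003", 7.5, True,  False, date(2025, 2, 25), False),
    Finding("hr-app", "CVE-0000-0004", 5.3, False, True,  date(2024, 11, 1), True),
]

if __name__ == "__main__":
    for row in triage(SAMPLE, TODAY):
        flag = "OVERDUE" if row["overdue"] else "on track"
        print(f'{row["tier"]} {row["host"]:7} {row["cve"]} due {row["deadline"]} {flag}: {row["action"]}')
```

Run as-is, the worklist puts the internet-facing, actively exploited finding first even though a non-exposed host carries the higher CVSS, and the `overdue` view surfaces the two items whose deadlines have passed. In a real program the `exploited_in_wild` and `internet_facing` inputs would come from threat intelligence and asset inventory feeds, and the overdue list would feed ticketing rather than a print loop.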
But even areas such as penetration testing can be automated. Automation cuts costs and frees up security experts to focus on the most pressing threats.
In addition, automated scanning and testing can run constantly in the background, picking up new threats as they emerge. This helps enterprises move to near-real-time detection and response, closing down attacks before they cause damage.
This approach allows security teams to scale up their operations to cover more complex IT architectures and an expanding attack surface, without the need for more human testers.
Through automation, security teams can carry out more frequent and more comprehensive assessments, across more systems.
A well-designed system, such as one aligned with the MITRE ATT&CK framework, will cover applications, networks and endpoints, using the latest algorithms to detect suspicious activity.
Furthermore, automated testing removes the risk of human error. And because it runs in the background and integrates with existing security tools, it reduces the disruption often associated with manual security tests and simulations. A good-quality scanning and testing system will also automate reporting, saving time for security analysts.
Automated vulnerability scanning, patch management and penetration testing cannot stop every cyber attack on their own. But they provide a faster and more comprehensive response, helping businesses become more secure.
Find out how T-Systems can help you rethink your security with our comprehensive security guide and state-of-the-art services like automated pentesting.