Cyber threat anticipation: How NEC XON leads the charge

Armand Kruger, Head of Cyber Security at NEC XON.

---

In a digitally connected world, the war against cyber threats has never been more critical – or ferocious. The ever-increasing number of sophisticated attacks on the horizon means organisations must evolve and adapt their cyber security strategies to protect their data, systems and reputation. NEC XON, a cyber security leader, is at the forefront of this fight, pioneering innovative approaches to enhance cyber defence and resilience.

Recent findings from the Microsoft Digital Defense Report have unveiled some alarming statistics. Human-operated ransomware attacks have surged by a staggering 200%, and it's not just large corporations that are in the crosshairs. Small and medium-sized businesses, with fewer than 500 employees, represent 70% of the organisations hit by these malicious attacks. Password-based attacks have also witnessed a significant spike, underscoring the need for organisations to adapt and prepare for the ever-evolving cyber threat landscape.

NEC XON’s cyber security strategy foundation lies in the core principles of threat detection, response and anticipation. Our proactive approach to threat anticipation is the new frontier of defence, where we calibrate our readiness based on known vulnerabilities and observed attack techniques. This approach empowers us to reduce risk gradually while fostering business transformation and innovation.

Consider this scenario: Organisation A falls victim to a cyber attack due to a compromised credential used to access its customer infrastructure via VPN without multi-factor authentication (MFA).

Threat anticipation is observing the attack tactics, going to all customers and partners and assisting them to enable MFA on VPN via a unified identity-centric strategy that is centrally controlled. Threat detection is detecting that there was an attempt to log into VPN via a compromised credential but was mitigated by MFA and additional controls applied as part of the identity-centric architecture. Threat response is disabling the compromised identity that was compromised, changing its password and limiting its ability to log into any business application, protecting business assets and maintaining cyber resilience.

In a landscape where cyber threats are prolific, the ability to innovate cyber strategy is crucial. We adopt an adversary-centric mentality, allowing us to view our customers’ organisations through the eyes of modern adversaries. By anticipating attack opportunities in the process of threat modelling and mapping them against current safeguards, we can pre-emptively strengthen defences. Here’s a cheat sheet with some key tactics to remember:

• Map and reduce your perimeter: Identify and secure all potential entry points for adversaries, from VPNs to public-facing systems and login interfaces with no MFA.
• Architecturally redesign your infrastructure: Implement network segmentation to limit lateral movement within your network and gain control over adversary pathways.
• Adopt a unified and identity-centric approach: Strengthen identity and access management (IAM) solutions to ensure MFA across the entire network.
• Reinforce privileged access control: Prioritise securing privileged access to seal off unauthorised pathways and closely monitor authorised access.
• Prioritise basic cyber hygiene controls: Implement fundamental cyber hygiene practices, such as changing default credentials and reducing over privileged users and groups.
• Build a robust incident response plan: Prepare for cyber incidents with a well-defined response plan that includes communication, coordination and testing.
• Use a vigorous XDR solution: Implement extended detection and response (XDR) to correlate signals from various security products and execute rapid threat response actions.
• Maintain tested and isolated backups: Regularly back up critical data and applications, isolate them from the production environment and test their restoration.
• Educate and guide the board of directors: Ensure that the board understands the evolving cyber risks and aligns cyber security investment with a defence-centric strategy.

Cyber security is no longer just a matter of implementing security tools and services; it requires a holistic, proactive approach that incorporates threat anticipation, innovative thinking and a strong defence-centric strategy. NEC XON is at the forefront of this paradigm shift, leading the way in preparing for the cyber security challenges of tomorrow. In a world where cyber threats continue to evolve, our approach to threat anticipation is our first line of defence, ensuring that the pleasure of protection is all ours.