The region’s rapid digitization and technological transformation, coupled with its wealth, has opened the doors to cyberattacksfrom a host of attackers. In the wake of smart services, mobility and the Internet of Things, the attack surface has invariably increased. Attivo Networks reveals valuable security insights and strategies that the modern cybercriminal will employ to exploit the cyber landscape to its highest potential.
“The coming year will see an increase in POS malware breaches as attackers move downstream and focus more on smaller retailers and businesses” said Ray Kafity, Vice President – Middle East, Turkey and Africa (META) at Attivo Networks in a statement.
On the surface, it may appear that the number of breaches affecting retailers and incidences of customer data theft are decreasing. This, in fact, is a misnomer. The number of attacks seems lower because of the lack of disclosed information, as well as the gradual shift in focus from the retail segment to others, such as travel and restaurants.
“Thousands of POS systems continue to run without any form of anti-virus software because of older Windows XP operating systems and the “trust” relation system with asset management servers. The core problem around Point of Sale (POS) breaches remains largely unaddressed,” continued Kafity.
As breaches continued this year, a larger number of CISOs started considering more budget allocations towards detection systems, so that attackers inside the network could be identified and stopped. Attivo predicts that budgets will prioritize detection over prevention and deception technology will enter the mainstream for advanced threat detection.
With more emphasis on detection technology, there will be a decrease in dwell time and an increase in the number of breaches being detected by internal teams, whereas, historically, only 1 in 5 breaches are detected internally. Kafity predicts that by the end of 2017, this number will increase to 50% of all breaches being detected internally by customers, law enforcement agencies, and other interested third parties.
According to Ray Kafity intelligence-sharing is very important in the campaign against cybercrime. Vendors will continue to collaborate in sharing information and on integrating their solutions, enabling the sharing of data and providing security teams with a single source of information on possible attacks. Collaboration will allow teams to see real threats they might have missed on their own, based on a partial view of threat activity throughout the network. Operational efficiency will increase significantly, providing better detection, quick remediation, and more effective incident response at the time of attack.