conix
3 years ago
3 Cybersecurity Myths to Bust
Deeply rooted cybersecurity misconceptions are poisoning our ability to understand and defend against attacks.
"Every lie is a poison; there are no harmless lies." Leo Tolstoy said this over 100 years ago, and who am I to argue with the great author? His observation holds as true today as ever — in many aspects in life, including cybersecurity.
I attend many cybersecurity presentations in my work, and one thing that has bothered me the past several years is the (over)use of clichés, myths, and misconceptions. There are many cybersecurity myths out there, but the three that are the most deeply rooted in the cybersecurity world (and therefore are the most "poisonous," as Tolstoy would say,) relate to People, Process, and Technology.
Myth #1: Sophisticated Threat Actors Use Sophisticated Tools
One misconception I run into a lot is the notion that sophisticated nation-state actors always use sophisticated cyberweapons when they breach organizations. While threat actors may indeed use zero-day exploits and advanced techniques to breach systems and access networks, in almost all cases, the initial vector is a (relatively) simple attack against humans. Why? Several reasons: a) it works, b) it's very cost-effective, and c) it's much harder to attribute. When attackers use an advanced capability like a zero-day exploit, they have a higher risk of being attributed to the attack. After all, there are only so many organizations that can develop or purchase zero days.
On the other hand, a relatively simple attack against a person, using a combination of social engineering techniques and open source intelligence (OSINT) can yield devastating results. Some of the most notorious breaches started just like that: the RSA hack, the Sony hack, the Associated Press hack, the Target hack, the DNC hack … and the list goes on.
In 2018, Verizon estimated that 33% of all breaches start with a social engineering attack. This is a very conservative estimate. Some researchers estimate the number to be closer to 90%. While security vendors push for more products, we must remember that not all cybersecurity gaps are technological. Most are related to people.
Myth #2: Attackers Need to Be Right Only Once; Defenders Must Be Right All the Time
I probably hear this process-related misconception the most. Claiming that an attacker needs to be right only once oversimplifies an attack life cycle from the point-solution vendor's point of view. In actuality, the attacker has to be right many times, and the defender has many opportunities to detect, mitigate, or prevent the attack.
To illustrate this, I suggest looking at the MITRE ATT&CK framework. For virtually any threat actor or attack type, the ATT&CK Navigator shows multiple techniques that can be used as part of the 14 tactics. Pick, for example, REvil ransomware. Notice how many different actions the attacker takes from Initial Access to Impact. The attackers don't have to be right once; they have to be right many times. The defenders will remain unaware of the attack if they miss all these opportunities to detect it.
True, the attackers likely will not give up if one technique fails or is stopped, and sophisticated threat actors are nearly impossible to stop. However, there is a lot to be said about early detection, attack mitigation, and incident response time. Saying that the attacker needs to be right only once is an easy out. We can do better than that if we break the siloed view.
Myth #3: You Need More Security Products to Stop All the New Threats
In terms of technology, we are learning the hard way that less is more. (Why not use a cliché to refute a cliché?) The average organization has 50 to 80 security products, yet most of them don't communicate with each other, some are partially integrated, and together they create huge management and monitoring burdens on security teams. Analysts and researchers suffer from alert and monitor fatigue, and there are good reasons practitioners in all disciplines are looking for easy-to-use, converged systems.
Vendor overload is directly related to the People and Process myths above. More chief information security officers (CISOs) are looking to cut back on the number of solutions they have while maintaining their security capabilities and operational readiness. This can be backtracked to the layered-security approach: The notion is true; you do need multiple layers for defense. Yet this does NOT mean you need more and more disparate systems to achieve it! The number of systems that analysts need to work with has become a burden. We don't need more tech — we need smarter, easier-to-use tech. We need to develop muscle, not fat.
It's Time to Bust These Myths for Good
To sum things up, we have to acknowledge these misconceptions about cybersecurity. If you read reports from almost 20 years ago, you will see the same problems and issues. Now is a great time to turn things around and bust these myths forever.
The adoption of cloud architectures gives us an opportunity to change the way we think and approach cybersecurity challenges. We can take these myths and put them behind us. As another great thinker, Albert Einstein, said, "The measure of intelligence is the ability to change."
conix
3 years ago
CrowdStrike (NASDAQ:CRWD) Raised to Buy at Jefferies Financial Group
Posted by ABMN Staff on Jan 11th, 2021
CrowdStrike logoCrowdStrike (NASDAQ:CRWD) was upgraded by research analysts at Jefferies Financial Group from a “hold” rating to a “buy” rating in a research note issued on Monday, AnalystRatings.net reports. The firm presently has a $275.00 target price on the stock, up from their prior target price of $160.00. Jefferies Financial Group’s price objective suggests a potential upside of 25.24% from the company’s current price.
Other analysts also recently issued reports about the company. Oppenheimer lifted their price target on CrowdStrike from $164.00 to $190.00 in a report on Thursday, December 3rd. Barclays lifted their price target on CrowdStrike from $193.00 to $221.00 and gave the stock an “overweight” rating in a report on Wednesday, January 6th. JMP Securities lifted their price target on CrowdStrike from $160.00 to $180.00 and gave the stock an “outperform” rating in a report on Thursday, December 3rd. Credit Suisse Group lifted their price target on CrowdStrike from $125.00 to $150.00 and gave the stock a “neutral” rating in a report on Friday, December 4th. Finally, Piper Sandler lifted their price target on CrowdStrike from $180.00 to $240.00 and gave the stock an “overweight” rating in a report on Tuesday, January 5th. Five research analysts have rated the stock with a hold rating, eighteen have assigned a buy rating and one has issued a strong buy rating to the stock. The stock currently has a consensus rating of “Buy” and an average price target of $182.96.
NASDAQ:CRWD opened at $219.58 on Monday. The firm has a market cap of $48.59 billion, a PE ratio of -466.09 and a beta of 1.32. The stock has a fifty day moving average price of $182.89 and a 200 day moving average price of $137.31. CrowdStrike has a 12-month low of $31.95 and a 12-month high of $228.82.
CrowdStrike (NASDAQ:CRWD) last released its earnings results on Wednesday, December 2nd. The company reported $0.08 earnings per share (EPS) for the quarter, beating the Zacks’ consensus estimate of ($0.15) by $0.23. The firm had revenue of $232.50 million during the quarter, compared to analyst estimates of $214.36 million. CrowdStrike had a negative return on equity of 12.79% and a negative net margin of 13.40%. CrowdStrike’s revenue was up 85.9% compared to the same quarter last year. During the same period last year, the business posted ($0.07) earnings per share. Equities analysts anticipate that CrowdStrike will post -0.37 earnings per share for the current fiscal year.
In related news, CEO George Kurtz sold 24,951 shares of the business’s stock in a transaction dated Tuesday, October 13th. The stock was sold at an average price of $152.50, for a total value of $3,805,027.50. The sale was disclosed in a legal filing with the SEC, which is available at the SEC website. Also, Director Gerhard Watzinger sold 30,000 shares of the business’s stock in a transaction that occurred on Monday, October 26th. The stock was sold at an average price of $133.89, for a total value of $4,016,700.00. The disclosure for this sale can be found here. Insiders sold a total of 1,128,070 shares of company stock worth $201,840,006 in the last 90 days. 11.32% of the stock is currently owned by insiders.
A number of hedge funds and other institutional investors have recently added to or reduced their stakes in the business. BlackRock Inc. increased its position in CrowdStrike by 67.6% during the 3rd quarter. BlackRock Inc. now owns 9,136,950 shares of the company’s stock worth $1,254,685,000 after purchasing an additional 3,685,952 shares during the period. State Street Corp increased its position in CrowdStrike by 41.1% during the 3rd quarter. State Street Corp now owns 2,834,562 shares of the company’s stock worth $389,242,000 after purchasing an additional 825,093 shares during the period. First Trust Advisors LP increased its position in CrowdStrike by 12.9% during the 3rd quarter. First Trust Advisors LP now owns 2,013,711 shares of the company’s stock worth $276,523,000 after purchasing an additional 230,491 shares during the period. FMR LLC increased its position in CrowdStrike by 6.4% during the 2nd quarter. FMR LLC now owns 1,307,235 shares of the company’s stock worth $131,102,000 after purchasing an additional 78,251 shares during the period. Finally, Charles Lim Capital Ltd increased its position in CrowdStrike by 14.4% during the 3rd quarter. Charles Lim Capital Ltd now owns 1,188,292 shares of the company’s stock worth $163,176,000 after purchasing an additional 149,405 shares during the period. Institutional investors own 60.00% of the company’s stock.
Spicknspan
4 years ago
CrowdStrike Store Continues Momentum With Diverse Applications That Bolster Unified Approach to Security Through the Falcon P...
August 18 2020
Applications from Illumio, Obsidian and SecurityAdvisor address unique security use cases that support accelerated digital transformation for hybrid workforces
CrowdStrike Inc. (Nasdaq:CRWD), a leader in cloud-delivered endpoint protection, today announced the addition of applications from Illumio, Obsidian and SecurityAdvisor to the CrowdStrike® Store. These new applications extend the power of the CrowdStrike Falcon® platform by addressing unique use cases, offering customers flexibility in determining how to further fortify their security stance to meet the needs of hybrid workforces in the new business normal without requiring any additional agents on their workloads.
As the industry’s first fully integrated security cloud ecosystem, the CrowdStrike Store provides customers a choice of strategic vendors and security technologies managed through a single cloud platform, custom-built for the enterprise. These new integrations leverage the power and scale of the Falcon platform to solve for diverse business critical use cases, including an endpoint segmentation solution to stop malware and ransomware propagation, security visibility for Software as a Service (SaaS) applications and personalized contextual security awareness training. Customers can seamlessly trial and subsequently deploy these new applications through the CrowdStrike Store, further leveraging their investment in the Falcon platform.
“As organizations adjust their business processes to support hybrid workforces, they are conscious of cost and looking for flexibility that allows them to securely support their ongoing digital transformation needs,” said Andy Horwitz, vice president of CrowdStrike Store Business. “The CrowdStrike Store delivers native integrations from trusted security technology partners that leverage both the scale and telemetry of the CrowdStrike® security cloud. This allows the applications to deliver faster, smarter and more effective solutions. With the addition of these integrations from Illumio, Obsidian and SecurityAdvisor, customers have the opportunity to further maximize their investment in the CrowdStrike Falcon platform and improve their security posture with third-party applications solving new and important use cases.”
The addition of these applications follows on the heels of the recently announced availability of Exabeam Ingester Analytics for CrowdStrike in the CrowdStrike Store. Exabeam Ingester for CrowdStrike provides access to endpoint telemetry in the CrowdStrike Falcon platform and enables near real-time data streaming to detect advanced threats via a pre-built connector. With Exabeam user and entity behavior analytics (UEBA), security teams can unlock more detection use cases from their endpoint data including lateral movement, credential compromise and data exfiltration.
The new applications from Illumio, Obsidian and SecurityAdvisors demonstrate the significant expansion of the CrowdStrike Store, which continues to grow its breadth of partners and the security use cases served. Following are details on the new applications:
Illumio Edge for CrowdStrike - Illumio has partnered with CrowdStrike to offer Illumio Edge for CrowdStrike, an endpoint segmentation solution that reduces the risk of ransomware and malware propagating laterally throughout an organization. Fully managed in the cloud, customers can enable this new offering via their existing CrowdStrike Falcon agent. By automatically configuring allowed network connections and traffic on every endpoint, Illumio Edge for CrowdStrike helps organizations better secure users regardless of their location.
Obsidian - Obsidian delivers comprehensive enterprise security for SaaS. The Obsidian cloud detection and response (CDR) solution integrates with the CrowdStrike Falcon platform to deliver unified visibility across SaaS applications and endpoints. By correlating Obsidian data about user access, privileges and activity in SaaS applications with rich endpoint telemetry from CrowdStrike endpoints, security teams can uncover, investigate and respond to breaches and insider threats quickly, without slowing down business operations.
SecurityAdvisor - SecurityAdvisor provides just-in-time automated, targeted cybersecurity micro-lessons to end users when a security incident occurs. SecurityAdvisor integrates its cloud-delivered SaaS platform with the Falcon platform and intelligently identifies teachable moments when an incident occurs, delivering relevant, real-time lessons over multiple communication channels to the workforce, helping build a culture of cyber-immunity organization wide.
Supporting partner quotes:
Andrew Rubin, Illumio co-founder and chief executive officer: “Lateral movement is a common characteristic of ransomware and malware attacks, turning a single infection into a massively disruptive, headline-breaking incident in minutes. Illumio Edge extends Zero Trust to the endpoint with containment by default to prevent the propagation of ransomware and malware. This ensures the first endpoint infected is always the last endpoint infected. With easy deployment through the CrowdStrike agent, together we deliver the most complete threat prevention offering on the market today.”
Glenn Chisholm, co-founder and chief executive officer of Obsidian: “The tremendous growth of endpoint devices and rapid cloud adoption are the two biggest drivers of digital transformation over the past decade, enhancing agility and enabling organizations to focus on their core mission. Internet-connected endpoint devices and cloud applications now have access to business-critical data, leading to an increase in attacks targeting these assets. Integrating the industry’s first cloud detection and response (CDR) solution from Obsidian with a leading endpoint detection and response (EDR) solution from CrowdStrike delivers seamless visibility across users’ devices and cloud accounts, and enables joint customers to detect, investigate and remediate attacks.”
Sai Venkataraman, co-founder and chief executive officer at SecurityAdvisor: “Human actions are responsible for >90% of security breaches and security teams struggle to engage and build security awareness programs that actually work. We are excited to partner with CrowdStrike to launch our next-generation security awareness offering. By leveraging CrowdStrike’s detections, we can automate and personalize security awareness for our joint customers and also reduce security risk in a measurable way that was not previously possible. This allows our joint customers to fortify every employee, take away the hours spent on annual security training and build an organization-wide secure culture.”
Nir Polak, co-founder and chief executive officer at Exabeam: “The Exabeam Ingester for CrowdStrike highlights our commitment to CrowdStrike and Exabeam customers to help them unlock the power of their rich endpoint data with behavior analytics. With a simple free trial in Exabeam's cloud, this is the perfect tool for customers to use Exabeam's behavior analytics to add value to their threat detection use cases.”
Register for streaming realtime charts, analysis tools, and prices.
double_m
1 month ago
usaphilippines
2 months ago
Monksdream
2 months ago
BottomBounce
9 months ago
Liam859
1 year ago
Pisd
2 years ago
peterquinnvet
2 years ago
crudeoil24
3 years ago
DayTraderOG
3 years ago
TFMG
4 years ago
slyguy8888
4 years ago
WaitN4TheBigOne
4 years ago
JohnCM
4 years ago
Hot Features
Premium
