The Biggest Misconception About Zero-Day Attacks

Boiling down the basics
At its core, a zero-day attack has the same end goal as most other attacks. Threat actors take advantage of a weakness in security to gain access, but that is only the initial foothold, with the real damage coming after they get in. Once files have been encrypted, data has been leaked and money is being demanded, there is much more for security teams to worry about. But what if it never got to that point? To make this possible, security teams must ensure the organization’s security posture is equipped to mitigate the extent of a zero-day.

Essential security practices and tools such as an emergency response plan, inventory of systems and software, constant scanning and monitoring, segmentation and tabletop exercises are all key elements a security team should already be implementing. Without these basic best practices in place, the incident can progress as attackers create admin accounts, move laterally within systems, and cause an extensive security nightmare.

Not if, but when
Part of preparing means setting realistic expectations when it comes to the likelihood of an attack. While no one wishes for a cyberattack, an organization is likely to experience one sooner or later. That’s why it pays to be ready.

Organizations need to shift from a prevention mindset to a resilience philosophy, because at the end of the day it is impossible to stop every attack from happening, especially when it comes to zero-days. While stopping these attacks might not be possible, mitigating them is. Planning is a key factor and being prepared will put both business leaders and security teams at ease with the knowledge that they will handle a threat accordingly when the time comes.

First and foremost, security teams must identify if they’re vulnerable to the particular exploit. This should be easy if an organization’s defenders have an accurate and updated inventory of systems and software as well as awareness of the org’s attack surface. Case in point: the extent of the Log4Shell vulnerability is still unknown as security teams continue to find Log4j in their assets. With this awareness, teams can respond in a timely manner when mitigating steps are released.
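One way to look for bundled Log4j copies during the inventory check described above, as an added example that is not from the original article: it walks archives recursively and reports every archive that contains log4j-core's JndiLookup class. The asset names and archive contents are constructed; in practice the bytes would come from files on disk.

```python
import io
import zipfile

# Class file whose presence marks a log4j-core copy, even when the jar file was renamed.
MARKER = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")
MAX_DEPTH = 5  # bound recursion so deeply nested archives cannot stall the scan


def find_log4j(data, label, depth=0):
    """Return the nested paths (outer!/inner) of archives that contain log4j-core."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # not an archive, or corrupt: nothing to report
    with zf:
        for name in zf.namelist():
            if name == MARKER:
                hits.append(label)
            elif name.lower().endswith(ARCHIVE_EXT) and depth < MAX_DEPTH:
                hits += find_log4j(zf.read(name), f"{label}!/{name}", depth + 1)
    return hits


def make_jar(entries):
    """Build an in-memory archive from {name: bytes} (used for the constructed sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


# Constructed sample: one web app bundling log4j-core two levels deep, and a clean one.
LOG4J = make_jar({MARKER: b"\xca\xfe\xba\xbe", "META-INF/MANIFEST.MF": b""})
FAT = make_jar({"BOOT-INF/lib/log4j-core.jar": LOG4J, "app/Main.class": b""})
INVENTORY = {
    "billing.war": make_jar({"WEB-INF/lib/reporting.jar": FAT}),
    "portal.war": make_jar({"WEB-INF/lib/util.jar": make_jar({"Util.class": b""})}),
}


def scan_inventory(inventory):
    """Map each asset name to the list of nested archives holding log4j-core."""
    return {asset: find_log4j(blob, asset) for asset, blob in inventory.items()}


if __name__ == "__main__":
    for asset, hits in scan_inventory(INVENTORY).items():
        print(asset, "->", hits or "no log4j-core found")
```

A file-name search alone would miss the copy in billing.war, because it sits inside a jar that is itself inside another jar.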

If software or a system has been compromised, it’s more challenging to identify the initial attack vector because of the unknown nature of the vulnerability. Even though the source of the bleeding can’t immediately be identified, there are ways to prevent complete loss. This is where a plan is crucial to guide personnel on next steps. With the proper controls in place, along with a plan, organizations can optimize the best-case scenario given the situation.

The gaps to be filled

Organizations need comprehensive defense against the proliferation of malware and ransomware both within and across their SaaS applications. This requires the use of a security solution architected for the modern, cloud world and capable of defending against malware for any user, any device, and any app over any network (without the need to backhaul traffic to an appliance on premises). Such a solution needs to be able to prevent infected files from being uploaded to cloud applications, but it also must be able to identify threats that have already made their way into the cloud. Organizations must also be able to trust that their solution of choice can defend against any threat, including zero-day ransomware, and not just known malware. In the event of (increasingly common) double-extortion attacks, organizations need to be able to defend their data from being exfiltrated via SaaS, as well.

  1. Keep the devices updated with the most current software and antivirus programs.

Software updates to mobile devices often include patches for various security holes, so it’s best practice to install the updates as soon as they’re available.

There are many options to choose from when it comes to antivirus software for mobile devices, so it comes down to preference. Some are free to use, while others charge a monthly or annual fee and often come with better support. In addition to antivirus support, many of these programs will monitor SMS, MMS and call logs for suspicious activity and use blacklists to prevent users from installing known malware to the device.

  2. Back up device content on a regular basis.

Just like your computer data should be backed up regularly, so should the data on your company’s mobile devices. If a device is lost or stolen, you’ll have peace of mind knowing your valuable data is safe.

  3. Choose passwords carefully.

The average Internet user has about 25 accounts to maintain and an average of 6.5 different passwords to protect them, according to a recent Microsoft study. Obviously, this lack of security awareness is what hackers count on to steal data. Use the following tips to ensure your mobile device passwords are easy to remember and hard to guess:

  • Require employees to change the device’s login password every 90 days.
  • Passwords should be at least eight characters long and include uppercase letters and special characters, such as asterisks, ampersands and pound signs.
  • Don’t use names of spouses, children or pets in the password. A hacker can spend just a couple minutes on a social media site to figure out this information.

We’ve seen some of the features that make JSON applications such as RESTful APIs more reliable than others, and the best places to go to learn about Lambda are Google Developer Tools (developerspaces), CloudDB, and AWS Lambda. To give you some basic recommendations, here’s how to use Lambda as a library to build services, service lifecycle management (SIL), and APIs that require no special setup.

In this section, we’ve summarized each of those features and their specific use cases.

JavaScript

We’ll work with JSF’s RESTful API to provide a common API for data collection and retrieval. From there, we can create JSF services that can return either a JSON or a JSON-API document. These services are written in JavaScript, but we can also use JSF’s JSON API as a library.

The best way to get a real understanding of these services is via the JIT API. The JIT API represents all the JSF implementations that you can use or integrate with JSF. It contains all the available JVM, ES6, and JavaScript implementations and provides two ways you can interact with the service:

In a JIT application, you perform various actions (e.g., submit the request). In order to perform this action, you specify a command to
