“Rarely is threat activity taken consideration when making operational and investment-related decisions, but our customers have reported measurable improvements to their organization’s defensive posture when they do,” said Shay Zandani, CEO, Cytegic.
Hackensack, New Jersey (PRWEB) February 29, 2016
Cytegic, a provider of Cyber Security Risk Management solutions, today announced that for the next six months, it’s offering complimentary access to its Threat Intelligence reports. Cytegic’s risk management platform correlates its threat intelligence with real-time information about an organization's internal controls and cyber security maturity level. By providing unfettered access to its reports coupled with guidance on how security operations teams should use the information, Cytegic demonstrates how to make intelligence on broad trends actionable while accelerating the transition from reactive to proactive security operations.
“Rarely is threat activity taken consideration when making operational and investment-related decisions, but our customers have reported measurable improvements to their organization’s cyber preparedness and defensive posture when they do,” said Shay Zandani, Co-founder and CEO of Cytegic. “That’s why we’re doing this – to show organizations how they can evolve their operational processes and culture through the use of actionable intelligence.”
Major Sports Events and Holidays Follow Predictable Attack Patterns
Cytegic has found that “big picture’ intelligence, when presented in a global context, reveals strikingly consistent trends that organizations can act upon to strengthen an organization’s security posture. One trend Cytegic has identified is that attack activity and methods surrounding high profile sporting events follow a surprisingly predictable pattern. During major sporting throughout 2014 and 2015, and into 2016 as recently as Super Bowl 50, Cytegic analysts have observed:
- A decrease in activity in the week before the event, dipping most significantly on the day before, with a spike in activity starting on the day of the event and continuing a few days after.
- The main industries targeted during this year’s Super Bowl season were Government, Education and Media - last year it was Government, Retail and Media.
- For two years running, three of the top four TTPs for the Super Bowl are Malware, Email Social Engineering and DDoS Attacks.
Similar observations can be made for holiday attacks and attack patterns:
- Attacks against retailers usually take place a few days before a major holiday, with the week before Christmas being the most threatened time in this period.
- The most active cyber-attackers during the U.S. holiday season are financially motivated attackers, who accounted for more than a third of attacks in 2014 and 2015.
- The top TTPs during the 2014 and 2015 holiday seasons were Malware, Email Social-Engineering, Denial of Service and Terminal Malware.
Moving from Passive Analysis to Preemptive Defense: A Primer
Cytegic CEO Shay Zandani suggests companies implement the following preemptive measures a few weeks in advance of when the above attack patterns and TTPs have historically begun:
- Hardening Security Information and Event Management (SIEM) systems to search for user and network anomalies.
- Rolling out company (or refreshing) User Awareness and Training initiatives to educate users on potential phishing spear phishing and social engineering email scams.
- Updating signatures on all antivirus or endpoint security systems.
- Contact your company’s ISP to lock in a DDOS response plan or consider engaging a DDOS attack specialist, or at a minimum use free tools to test for network bottlenecks that might crash first.
“Because our platform can run 'what-if' simulations of potential attack scenarios, our customers generate very specific updates to their control sets that optimize their defensive posture in advance of known spikes in threat activity," Mr. Zandani continues. "The light bulb goes off once they see the improvements to their security posture and their morale and confidence - it’s like living your life without electricity and then all of a sudden having it – once you see what you can accomplish, there’s no turning back.”
Cytegic’s monthly threat intelligence reports are available via its website. For more on how Cytegic can transform an organization's ability to manage its cyber security posture, visit http://www.cytegic.com.
Based in Tel Aviv, Israel and Hackensack, New Jersey, Cytegic offers the first comprehensive cyber risk management platform that enables Information Security leaders to assess, manage and communicate the business impact of cyber risk to any business stakeholder. It’s suite consists of three modules: Cyber Maturity Assessment (CyMA) which monitors and manages internal security controls, Dynamic Trend Analysis (DyTA) which provides contextual, actionable threat intelligence, and the Cyber Decision Support System (CDSS) that sits on top of CyMA and DyTA and provides a single pane of glass for CISOs to identify, prioritize and respond to cyber risks with unprecedented clarity and agility. Founded in 2012, Cytegic is privately funded. Its customers include Bank Leumi, Amdocs, PwC and some largest banking institutions. For more information, visit http://www.cytegic.com.