It’s important for security to be proactive

by Jon Heimerl

09 March 2020

Two men in a room and looking at a dashboard on a large screen

All organizations are at risk of a cyberattack. These attacks can take many forms: social engineering, denial of service, brute forcing, phishing, a variety of malware and more.

In many cases, organizations find themselves reacting to the world around them – trying to counter the newest exploits and attacks. But if an organization is constantly reacting to a dynamic threat, they’re in danger of always trying to catch up.

Instead, if organizations can take actions to be more proactive, they may be able to seize the opportunity to plan their own security strategies, instead of having many of those strategies dictated to them. If organizations can take the chance to prioritize the controls they want, they increase their ability to exercise more control over their environment.

Know your hackers’ tactics to stop them in their tracks

One way to do this is to recognize how attackers are targeting the organization. For example, two of the most common types of attacks we observed in 2019 were application-specific and web-application attacks – attacks which predominately focus on the organization’s web presence. If you can take that information and move forward with positive actions to deny those attacks, that’s an opportunity to be more proactive about your own security.

Since we know attackers are focusing on web-application and application-specific attacks, the March 2020 GTIC Monthly Threat Report provides a list of 10 recommendations organizations can consider to help exercise proactive control over their environment.

Cybersecurity preparations ahead of Summer Olympics

Defining the ability to emphasize proactive controls is exactly why NTT Ltd. researchers and analysts helped the Cyber Threat Alliance write its 2020 Summer Olympics Threat Assessment report. If organizations such as the respective Olympics committees and supporting organizations understand the types of threats they’re likely to be facing, they can plan proactive security measures designed to help mitigate attacks.

A photo of a crowd cheering and clapping at a sports event

A cautionary warning about those coronavirus attacks

We recognize that the coronavirus is global news. Everyone’s interested in the impact of the virus, and the danger its potential spread presents to the world. Everyone wants to understand the threat it poses, and how we can manage it, if that’s even possible. It should come as no surprise then that if everyone’s interested in the coronavirus, attackers are as well. The result is that attackers are using phishing and spam emails pretending to include valuable updates on the coronavirus, playing on people’s fears, while they spread their own attacks, malware, redirects and credential phishing. But, if we know that’s what attackers are doing, we can be better prepared to avoid these attacks when we see them.

To be better prepared, read more in the March 2020 edition of the GTIC Monthly Threat Report.

And register here to receive a copy of future Monthly Threat Reports directly to your email as soon as they are published.

Jon Heimerl

Jon Heimerl

Senior Manager, Threat Intelligence Communication Team NTT Ltd.