Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Enterprise. Show all posts
Risk Management
Cloud Cyber Security cybersecurity best practices cybersecurity posture Enterprise enterprise cybersecurity Google Cloud Platform Infrastructure Risk Management

Posture Management Emerges as Strategic Cybersecurity Priority Amid Cloud and Data Fragmentation

 

Posture management is rapidly evolving into a cornerstone of enterprise cybersecurity as organizations grapple with increasing digital complexity. With infrastructures now sprawling across cloud platforms, identity services, and data environments, the traditional model of siloed risk monitoring is no longer sustainable. As a result, cybersecurity leaders are embracing posture management not only to gauge exposure but also to orchestrate defenses in real time. 

This shift reflects a broader industry movement toward unifying visibility and control. “From a business perspective, large organizations have M&A — they have rollups; they have multiple divisions. They’re not centralized; they’re across globes,” said Erik Bradley, chief strategist and director of research at Enterprise Technology Research. “There’s no way that we’re ever going to see a consolidation on one platform.” 

Bradley shared these insights during a conversation with theCUBE’s Jon Oltsik and Dave Vellante at the RSAC 2025 Conference, hosted by SiliconANGLE Media. The discussion focused on how posture management is becoming integral to modern security operations by improving visibility, minimizing tool sprawl, and enabling strategic risk reduction across complex IT environments. Security teams are increasingly recognizing the limitations of point solutions. 

Instead, they’re exploring how posture management can serve as a foundational layer across enterprise-wide platforms. “We’re carving up terminology and confusing the market,” said Oltsik. “IT is moving so quickly and it’s so specialized that you need specialized posture management tools for cloud, identity, and data.” Leading cybersecurity vendors like CrowdStrike and Palo Alto Networks are embedding posture management into broader security suites, aligning it with automation, identity access controls, and even password management. 

These integrations aim to reduce operational overhead while enabling faster, more accurate threat detection. According to Bradley, these vendors view posture management as both a preventive control in peacetime and a readiness tool in active cyber warfare scenarios. However, challenges persist—particularly around data fragmentation. Although many vendors tout strong telemetry capabilities, few offer complete visibility across all domains. 

This leaves enterprises vulnerable to gaps in their defenses, especially as they try to consolidate vendors and reduce redundancy. “No CSO is going to go all-in with one provider,” Bradley emphasized. “They’re focused on consolidating redundant vendors and streamlining operations without sacrificing visibility or security.” 

As cybersecurity evolves, posture management is no longer a niche function—it’s becoming the backbone of a resilient, scalable defense strategy.
Read more »
Technology
AI Automation Business Enterprise Organization security Technology

Threat Alert: Hackers Using AI and New Tech to Target Businesses

Threat Alert: Hackers Using AI and New Tech to Target Businesses

Hackers are exploiting the advantages of new tech and the availability of credentials, commercial tools, and other resources to launch advanced attacks faster, causing concerns among cybersecurity professionals. 

Global Threat Landscape Report 2025

The 2025 Global Threat Landscape Report by FortiGuard Labs highlights a “dramatic escalation in scale and advancement of cyberattacks” due to the fast adoption of the present hostile tech and commercial malware and attacker toolkits.  

According to the report, the data suggests cybercriminals are advancing faster than ever, “automating reconnaissance, compressing the time between vulnerability disclosure and exploitation, and scaling their operations through the industrialization of cybercrime.”

According to the researchers, hackers are exploiting all types of threat resources in a “systematic way” to disrupt traditional advantages enjoyed by defenders. This has put organizations on alert as they are implementing new defense measures and leveling up to mitigate these changing threats. 

Game changer AI

AI has become a key tool for hackers in launching phishing attacks which are highly effective and work as initial access vectors for more harmful attacks like identity theft or ransomware.

A range of new tools such as WormGPT and FraudGPT text generators; DeepFaceLab and Faceswap deepfake tools; BlackmailerV3, an AI-driven extortion toolkit for customizing automatic blackmail emails, and AI-generated phishing pages like Robin Banks and EvilProxy, making it simple for threat actors to make a swift and dirty cybercrime business. 

The report highlights that the growing cybercrime industry is running on “cheap and accessible wins.” With AI evolving, the bar has dropped for cybercriminals to access tactics and intelligence needed for cyberattacks “regardless of an adversary's technical knowledge.”

These tools also allow cybercriminals to build better and more convincing phishing threats and scale a cybercriminal enterprise faster, increasing their success rate. 

Attackers leveraging automated scanning

Attackers are now using automated scanning for vulnerable systems reaching “unprecedented levels” at billions of scans per month, 36,000 scans every second. The report suggests a yearly rise in active scanning to 16.7%. The defenders have less time to patch vulnerable systems due to threat actors leveraging automation, disclosing security loopholes impacting organizations. 

According to researchers, “Tools like SIPVicious and commercial scanning tools are weaponized to identify soft targets before patches can be applied, signaling a significant 'left-of-boom' shift in adversary strategy.”

Read more »
Subscribe to: Posts (Atom)