As the threat landscape continues to evolve, understanding current cybersecurity trends is more important than ever for organizations worldwide.
Prior to the upcoming Cyber Security & Cloud Expo Europe, Bernard Montel, EMEA Technical Director and Security Strategist at Tenable, shares insights into the shifts in cybersecurity over the past five years and the challenges shaping the industry today.
In the midst of increasingly sophisticated threats, Montel’s perspectives on risk management, proactive security measures, and the role of emerging technologies like AI in cybersecurity provide valuable guidance for navigating the current landscape.
Cloud Tech: How has the cybersecurity landscape changed in the last five years?
Bernard Montel: The global pandemic has transformed the way we work, with many organizations transitioning to remote operations almost overnight. This shift has had a significant impact on cybersecurity:
- The home network, previously unsecured, became an extension of the corporate network, expanding the threat landscape.
- Virtual Private Networks (VPNs) and multi-factor authentication (MFA) became essential for securing remote connections.
- The move to cloud resources simplified remote work and added a layer of security for organizations.
The acceleration of cloud services post-pandemic has revolutionized the way we work, eliminating the need for physical infrastructure and enabling secure remote access.
While some on-prem solutions are still in use, most organizations now operate in a hybrid environment, combining private and public cloud resources.
Today’s new normal has fragmented the traditional “castle” of the corporate network, resulting in a larger and more dynamic attack surface.
CT: What are the top current cybersecurity trends?
BM: Ransomware remains a top threat, with daily attacks on organizations increasing in frequency and severity.
Cloud security presents a challenge as organizations transition to cloud-based resources, requiring a rethink of security practices.
Identity management has become a major concern, with the complexity of managing identities across various platforms and services.
AI is also a key focus, offering both attackers and defenders new capabilities for cybersecurity.
Utilizing AI technologies can accelerate research and development cycles, enhance threat detection, and enable faster decision-making.
CT: What should organizations consider regarding security risks?
BM: Known vulnerabilities are often exploited by threat actors to gain access to organizational infrastructure.
Non-malicious misconfigurations, human errors, and the belief that smaller organizations are not targets are common pitfalls that leave organizations vulnerable.
Ransomware attacks have evolved to include double extortion methods, increasing pressure on organizations to pay ransom.
Understanding the global context and adopting a proactive, preventive approach to risk management is crucial for reducing cybersecurity risks.
Identifying and addressing areas of exposure is essential for closing security gaps and staying ahead of evolving threats.
