In response to sophisticated and targeted cyberattacks, organisations have begun to shift their focus to proactive strategies that employ advanced cybersecurity technology and techniques.
Threat Hunting, a strategy for investigating potential threats before they cause harm, is drawing the attention of CISO’s and security experts across the world, and for good reason.
During the second edition of the Panda Security Summit 2019 in Madrid last month, speakers from the telecoms, banking and cybersecurity industries expressed the importance of proactive cybersecurity approaches such as Threat Hunting.
Curro Márquez and Jesús Ponce from Cyber Intelligence at Telefonica explained that cyber intelligence should be considered a pillar of digital security for its holistic approach encompassing prediction, prevention, detection and response to threats.
This is a stance to which many of the speakers agreed. Lucas Varela, e-crime and security analytics manager at Caixa Bank, said that financial institutions should be looking to intelligence systems to investigate and detect threats, particularly banking trojans.
Over the course of PASS2019, the evasive behaviour of cybercriminals presented as a key concern for organisations, with experts discussing the importance of the adoption of advanced EDR (endpoint detection and response) technology to ensure that even malware hidden in legitimate programmes is detected and blocked.
Integrating advanced EDR technology and tools like machine learning and automation can give an organisation invaluable insight into user behaviour, risk behaviour and security event data that result in a robust cybersecurity status.
Senior director analyst at Gartner, Pere Shoard, emphasised the importance of behavioural analysis when it comes to efficient threat hunting strategies.
Pedro Uría, director of PandaLabs, concluded that malware is no longer the problem – “the challenge lies in increasingly sophisticated targeted attacks that don’t employ malware – therefore the only valid approach is to adopt a ‘zero-trust’ policy, whereby only trusted processes are allowed to run.”
Jose Sancho, president of Panda Security, mirrored Uría’s sentiment on the value conference adding that he believes Panda Security is well aligned to take on the challenges we face today.