http://www.digitaljournal.com/tech-and-science/technology/no-such-thing-as-a-false-positive-when-it-comes-to-cybersecurity/article/581552

No such thing as a false positive when it comes to cybersecurity

Posted Nov 23, 2020 by Tim Sandle
What was supposed to be the exciting start of a new decade quickly became one of the most unpredictable years of this century, as the coronavirus pandemic sent ripples through the cybersecurity sector. What can we expect next year?
Beware, computer viruses. Many computer users don't update anti-virus software
Kacper Pempel / Reuters
As we head into 2021, how will cybersecurity develop? Huntress expert John Hammond, senior security researcher, tells Digital Journal what the cybersecurity sector needs to continue with for the year ahead.
In discussion with John Hammond, senior security researcher, the following key points were raised.
In 2021, There’s No Such Thing As a False Positive
As we look back on this year, it’s no surprise that 2020 was a wake-up call for so many organizations. We saw many issues with opening up remote desktop protocol (RDP) to the Internet as a band-aid approach to allow more productivity at home during the rapid shift to remote work. The silver lining is that it surfaced nuanced conversations about using security tools effectively. We are seeing a rising tide in the small business (SMB) and value added reseller (VAR) communities. Though they need more attention when it comes to security resources and education, enterprises aren’t immune either.
When assessing their security tools, now more than ever, organizations must take a hard look at their dashboards for false positives/negatives. In 2021, there’s really no such thing as perfect tools or a false positive. If your security tool is alerting you, it’s alerting you for a reason. Security controls aren’t going to be tuned when you buy them, so organizations will need to learn how to adjust and modify them to meet their security and business needs.
Raising the Cybersecurity Poverty Line
When it comes to helping organizations combat cyber threats and security risks, education and awareness is an oversaturated answer, but it’s the best solution right now. Just as you wouldn’t expect a toddler to learn how to walk on its own, the industry can’t rely on organizations to educate themselves on security issues. They have a business and day jobs to tackle. Therefore we must put the onus on vendors, and the greater security community, to put on virtual events and educational sessions to make it easy to learn and upskill – ultimately raising the cybersecurity poverty line.
Sophisticated or Resourceful: The State of Hacking in 2021
Hackers will continue to go for the low-hanging fruit - password spraying and credential stuffing - whatever’s the easiest option, they will always take the path of least resistance. Though hackers and attack methods have grown more sophisticated, the fact remains that they work smarter, not harder. There’s no need to break through the window when the front door is unlocked.
Hackers are real people, computer-oriented, but real people nonetheless. That means that we – like them – need to be faster, smarter, and better than what humans can do manually. Having a defense in place and getting automated prevention and response implemented is also key. We can’t afford to keep responding with a knee-jerk reaction – security needs to be more mature than that. Organizations should spend the time tuning their security controls, or following through official hardening guides, creating processes and procedures to really move the security needle.
Money is motivation; the same motivation that hackers have for ransomware, organizations will also adopt as motivation for protection. Every single organization should have their own vulnerability disclosure program (VDP) because if you don’t have your own talent poking at stuff all the time, there’s a good chance someone else with less than ethical standards already is. Third-party bug bounty companies are a point-in-time approach whereas a penetration testing program with an onsite staff is more comprehensive.
There’s a balancing of the scales when hackers are becoming more sophisticated. Things like bug bounty programs, building out that cadre of white hat hackers to do things for the right reasons before the black hat hackers do, is one way to identify and implement a hardened defense. I expect we’ll see more organizations strengthening that muscle – and flexing it – in the coming year.
2021 Is Actually the Year of Uncertainty
After everything that has happened in 2020, we need to embrace the answer that we don’t know what is going to happen in 2021. There is already conversation around 6G when we haven’t really understood 5G. WiFi 7 has entered dialogue when WiFi 6 hasn’t even been implemented. AI and ML haven’t truly been uncovered despite how much industry attention (and hype) it’s been afforded over the years. Though we will see the same stuff we’ve always seen, there’s much that we won’t be able to anticipate. When there are plenty of challenges and unsolved issues today, we need to stop trying to see the future when we can't even address the past.