Blog

The Defender's Advantage Cyber Snapshot, Issue 5 — Insiders, Applications, and Mitigating Risk

Jennifer Guzzetta
Dec 14, 2023
3 min read

The Defender’s Advantage Cyber Snapshot report provides insights into cyber defense topics of growing importance based on Mandiant frontline observations and real-world experiences. 

The fifth edition covers a wide range of topics, including the ideology and landscape of insider threats, critical steps to help mitigate your cyber risk, the growth of maritime industry targeting, securing your application's cyber defenses, and the importance of intelligence-led threat hunting.

Download the full Defender's Advantage Cyber Snapshot, Issue 5 report to learn more about these five hot topics: 

  • Understand Why (and How) Attackers Bypass Your Application's Defenses: There is a constant disconnect between the types of security assessments organizations request and the evaluations they actually need to improve their cyber defenses. In particular, when assessing a web application, it’s critical to take into account the holistic view of technical and logical controls, not simply the singular view offered by an unauthenticated assessment. 
  • Proactive Cybersecurity: 6 Critical Tasks to Mitigate Risk: In 2023, the sheer number of vulnerabilities found by both ethical security researchers and threat actors soared, which led to widespread exploitation of these significant vulnerabilities. Organizations should prioritize proactive security initiatives to mitigate these vulnerabilities — before the next widespread event occurs — based on the type of risk, level of effort required, and capabilities of their security team.
  • Strengthening Cyber Defense Through Intelligence-led Threat Hunting: The volume and velocity of security data generated by organizations continues to mount, making it more challenging for security operations teams to identify suspicious behavior. Hunt teams that leverage threat intelligence to track previously unknown malicious activity can identify and investigate harmful activity, reduce the cost of a breach by responding faster, and increase understanding of the operating environment to better detect anomalies. 
  • The Evolving Insider Threat Landscape: Mindset, Opportunities, and Circumstances: With authenticated access, insiders have intimate knowledge of the organization, including the people, processes, and technologies applied. They continue to evolve their behaviors based on changing motivations. The latest iteration of insiders are adaptable, unpredictable, technologically agile, and often fueled by selling credentials to third parties — ultimately complicating detection. This makes it crucial for organization's to have a deeper understanding of the modern insider mindset and take steps to enhance their cyber defenses against them.
  • Maritime: A Supply Chain Target: A disruption to the maritime industry can have a cascading effect that will impact a wide range of other industries that depend on trade operations, making this sector a prime and growing target for threat actors. This year alone brought a sharp increase in attacks against this sector from both nation-state and financially motivated groups. Given the critical role that maritime transportation plays in the global economy, it is imperative for maritime organizations to take steps that can mitigate the risk of a cyber incident.

To read these articles in their entirety, download the latest edition of The Defender’s Advantage Cyber Snapshot, Issue 5 today.