Cybercriminals work 24/7 – so should your cybersecurity

Cyber ​​criminals love this kind of message, especially its implications.

Hackers often try to exploit organizations outside office hours, weekends and holidays because the defenses — at least from a manpower perspective — literally don’t work and response times are much slower.

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have a cautionary warnings on this practice, pointing to ransomware attacks on US-based critical infrastructure entities during the 2021 Memorial Day and Fourth of July holiday weekends.

A recent study by cybersecurity software company Cyber ​​Agetitled Risk organizations: ransomware attackers don’t take a vacationalso revealed that 90% of cybersecurity professionals are concerned about weekend/holiday attacks and 24% have no specific plans to address heightened risks on holidays and weekends, even despite having previously been attacked out of office hours.

To help organizations better prepare 24/7, Cybereason announced their new Cybereason Managed Detection and Response (MDR) mobile app today at Black Hat. The app will be available later this month for both Android and iOS devices.

“Security analysts face alert fatigue, staff shortages and more attacks during off-peak hours,” said Lior Div, CEO and co-founder of Cybereason. “These charges demanded a response.”

XDR and real-time cybersecurity response

According to Markets and Marketsthe comprehensive detection and response (XDR) market size is expected to grow from $985 million in 2022 to $2.36 billion in 2027, with a compound annual growth rate (CAGR) of just over 19%.

Cybereason’s AI-powered XDR platform helps security analysts quickly understand the full scope of attacks in real time through a proprietary MalOp (malicious operations) detection engine.

The company’s new MDR app essentially provides defenders with a mobile security center (SOC), Div said. Cybersecurity experts can reduce the mean time to recovery by suspending the lateral movements of an attack directly from their devices. Users will see detailed information for active MalOps, how they are mapped to the MITER ATT&CK framework, and the critical threat level.

The app provides anytime access to dashboards and enables rapid identification and isolation of compromised machines to help minimize and minimize downtime and workflow disruptions. Users can also maintain constant contact with the Cybereason Global SOC to immediately address potential threats.

In addition, the app links to industry reports and news so that users can stay up to date on the latest tactics, techniques and procedures used by national threat actors and cybercriminal ransomware gangs.

A 24/7/365 threat landscape

The new app is especially important in today’s 24/7/365 cybercrime landscape, Div said.

According to the survey, 60% of security professionals said weekend and holiday attacks took longer to assess scope, and 50% said after-hours attacks took longer to mount an effective response.

Also from the study:

• 36% of respondents who experienced an attack said they believed it was successful because there was no emergency plan and only a limited number of employees to respond.
• 33% needed a longer period of time to fully recover from such attacks.
• 12% said their organizations suffered more revenue loss as a direct result of delayed response times.

On the human side, 86% of respondents said they missed a holiday or weekend activity due to a ransomware attack. Div pointed out that the latter figure can play a huge role in employee satisfaction, potential burnout, and employee turnover — all of which can further work in favor of a potential cyber attacker.

Cybereason competes in this growing market with the likes of SentinelOne, CrowdStrike, Trend Micro, Fortinet, Sophos and Cisco.