security

Cyber security threats: the hits keep coming – Marketscreener.com








It’s October and that means it’s Cyber Security Awareness Month once again. Cyber security threats continue to evolve and proliferate at increasing speed. Opportunistic attackers are taking advantage of everything from remote working and cloud configuration errors to poorly defended operational technology protecting vital infrastructures. And they’re becoming more professional with models like ransomware-as-a-service.

DXC Technology has identified 10 threat types that are presenting major challenges to organizations worldwide. We’ve also outlined our top strategies for defending against these threats.

Top 10 cyber security threats

Businesses are facing threats from every direction, including:

  1. Supply chain threats. Supply chain attacks, such as the one experienced by Solar Winds, are particularly problematic because even if your own security is robust, they can infiltrate your environment through vulnerabilities in your suppliers’ security.
  2. Attacks on Linux and other non-Microsoft operating systems. Attackers are increasingly expanding beyond the Microsoft operating system. For example, Vermilion Strike rewrote the Cobalt Strike Windows red team tool to attack Linux systems.
  3. Persistence of major ransomware players. Major ransomware gangs such as the REvil ransomware-as-a-service operation do not generally disappear, but rather hibernate to avoid increased scrutiny or adopt new names. The ransomware-as-a-service model has enabled these groups to greatly expand their affiliate hackers and revenues.
  4. Remote work force vulnerabilities. In a recent survey, 67 percent of respondents said attacks had targeted remote workers and 74 percent said an attack had resulted from vulnerabilities related to COVID-19. It appears companies have not sufficiently adapted their security strategies in response to the new remote workforce reality.
  5. Cloud attacks due to misconfiguration. According to IBM, two-thirds of recent cloud breaches “would likely have been prevented by more robust hardening of systems, such as properly implementing security policies and patching systems.” Issues with credentials and policies “trickled down to the most frequently observed initial infection vectors (including) improperly configured assets, password spraying, and pivoting from on-premises infrastructure.”
  6. Zero-day threats. New security vulnerabilities not matching any known malware signature have reached new highs this year, with at least 66 zero-day viruses and other malware found in use already.
  7. Threats to operational technology (OT) systems. Attacks on OT devices – such as the Colonial Pipeline compromise – skyrocketed 46 percent this year. Utilities and manufacturing sectors are particularly at risk. Cyber security measures for OT are still weak or nonexistent in many cases.
  8. Brand abuse attacks. In almost half of these fraud attacks, cybercriminals impersonated credible brands to harvest consumer login credentials or personal data. These attackers spoofed digital content and experiences by creating fake social media profiles, rogue mobile apps or hoax websites.
  9. Ransomware recovery key destruction. Some ransomware gangs such as Grief and Ragnar Locker have threatened to delete victims’ decryption keys if an organization involves authorities or a negotiation firm, rendering data unrecoverable.
  10. Zero-click mobile threats. These insidious attacks, which enable malware to install itself on a victim’s device without the person clicking on a link, are on the rise for Android and Apple devices.

The best defense: good cyber hygiene

In DXC’s experience, the best defense against sophisticated emerging threats is to get the basics right. Simple mistakes such as misconfigured cloud settings, weak passwords, and unpatched or outdated software can lead to major operational disruption and data leaks.

Follow these fundamental security hygiene practices to ensure you’re well-fortified against both known and emerging cyber security threats:

  • Get configurations right. Review your configuration management database (CMDB) and plan a decision process that defines security tiers from most to least secure.
  • Monitor the security controls that you set up. If an alert is triggered but no one quickly notices it, the hackers will have time to gain a foothold in your environment.
  • Improve identity management. Problems often result from having too many highly privileged accounts, especially if some are disabled or unused, or from a lack of multifactor authentication.
  • Know your crown jewels. Determine which assets are essential for the organization’s survival and which are less critical, then assign security controls accordingly.
  • Increase visibility into third-party suppliers. Identify, document and define the risks associated with all your third-party suppliers and service providers.
  • Keep up with patching and updating. Establish good coordination between the IT department and the security organization so you can verify that software and operating systems patching directives are carried out across the entire organization by operational IT teams.
  • Keep and secure reliable backups. Perform regular, complete backups for all essential systems and isolate them to protect from attacks. Know how to rebuild quickly from the backup and perform disaster recovery exercises regularly.
  • Build security into all new applications and solutions. Security should not be a second thought; it’s more effective and ultimately simpler to build it in from the start, using native capabilities of your cloud platforms and operating systems when possible. Validate security once new systems go live with penetration testing and vulnerability scanning.

Disclaimer

DXC Technology Co. published this content on 11 October 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 13 October 2021 19:51:06 UTC.

Publicnow 2021

All news about DXC TECHNOLOGY COMPANY

Analyst Recommendations on DXC TECHNOLOGY COMPANY

Sales 2022 16 743 M

Net income 2022 430 M

Net Debt 2022 2 010 M

P/E ratio 2022 19,2x
Yield 2022
Capitalization 8 381 M
8 381 M
EV / Sales 2022 0,62x
EV / Sales 2023 0,57x
Nbr of Employees 134 000
Free-Float 97,2%

Chart DXC TECHNOLOGY COMPANY



Duration :


Period :




DXC Technology Company Technical Analysis Chart | MarketScreener

Technical analysis trends DXC TECHNOLOGY COMPANY

Short Term Mid-Term Long Term
Trends Bearish Neutral Bullish



Income Statement Evolution

Sell

Buy

Mean consensus OUTPERFORM
Number of Analysts 11
Last Close Price
33,27 $
Average target price
45,27 $
Spread / Average Target 36,1%




READ SOURCE

Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.