There have been multiple factors that make 2020 an unprecedented year, as it relates to both the geopolitical reality and the threat landscape. While some of the factors are so obvious and widely recognized they have practically become cliché, there are some specific and actionable trends we can all zero-in on to improve our security outcomes.
Even before the recent pandemic and social unrest, there was an upward trend in the complexity and sophistication of attacks, supported or perpetrated by advanced threat actors. Tactics / TTPs that we previously considered as reserved for tier-one targets are now beginning to hit ordinary large and mid-market companies - and, techniques that were previously considered reserved for APT data egress are now becoming part of ransomware playbooks, frameworks and toolsets.
As more complex attacks become increasingly mainstream, what is our strategy for protecting ourselves in this new era?