White Hat Hackers on Offensive Against Black Hat Ones, Report

According to a report released Wednesday by a hacking and attack modelling company, organizations are increasingly going on the offensive to prevent threats before they turn into attacks.

In its report on the state of vulnerability management and security validation for 2024, Cymulate claims that security leaders recognize that the scheme of buying new technologies and the insane state of vulnerability management “find-fix” does not work.

Instead of waiting for the next major cyber attack and hoping that they have the proper defence, the report goes on to say, security managers now more than ever stick to a proactive approach to cybersecurity, identifying and eliminating security gaps before attackers discover and exploit them.

The report, which collects anonymized data from attack surface assessments, simulated attack scenarios and campaigns, and automated red teaming actions for more than 500 Cymulate clients, highlights a proactive approach that uses an attacker’s point of view to identify and eliminate security gaps before attackers find and exploit them.

Traditionally, security controls have been tested in a very limited way as part of the annual red team assessment or penetration testing, explained Cymulate  Field CTO David Kellerman.

Matt Quinn, CTO for Northern Europe at XM Cyber, a hybrid cloud security company headquartered in Herzliya, Israel, agreed that a proactive approach is being considered more often because focusing on detecting attacks as they occur is simply ineffective in itself.

Security managers are increasingly adopting a proactive approach to cybersecurity, said Kelly Gunter, senior manager of cyber threat research at Critical Start, a national cybersecurity services company.

Rob T. Lee, director of curriculum and head of faculty at the SANS Institute, a global cybersecurity training, education and certification organization, cited several preventive measures that organizations are currently implementing.

These strategies include implementing threat analysis services to anticipate potential attacks, conducting regular penetration testing to identify vulnerabilities, and implementing “zero trust” frameworks that automatically do not trust anything inside or outside the organization.

Artificial intelligence can become another tool in a proactive enterprise strategy, says Matt Hillary, vice president of security and CISO at Drata, a San Diego-based security and compliance automation company.

Artificial intelligence can help companies identify and address security gaps by identifying critical vulnerabilities in advance and supporting measures to address them.

For example, Hilary explained that artificial intelligence can be used to circumvent the perimeter of a company’s network to find out which systems or applications are connected to the Internet and what risks they may carry.

Elisha Ridlinger, executive director of NeuShield, a data protection company in Fremont, California, added that there has always been a certain percentage of organizations that took security seriously and worked to implement proactive security solutions.

The Cymulate report also revealed that organizations are facing an increasing number of data breaches due to the declining effectiveness of their Data loss Prevention (DLP) measures. It was found that the risk of data leakage increased from 33 in 2021 to 46 in 2024.

John Bembenek, president of Bambenek Consulting, a cybersecurity and threat analysis consulting firm in Schaumburg, Illinois, noted that organizations also use data exfiltration in other ways.