At RSA Conference 2021, VMware will showcase how the company helps eliminate the complexity existing approaches with more interconnected security
New threat landscape report details how attackers are successfully evading perimeter defenses
PALO ALTO, Calif.–(BUSINESS WIRE)–At RSA Conference 2021, VMware security experts will highlight opportunities for continued evolution in cybersecurity strategies and prescriptive actions for how modern organizations can rethink their approach to security. This includes helping organizations have internal conversations about the “hard truths” of security, adopting new security approaches that simplify implementation of Zero Trust security, and more effectively protecting today’s multi-cloud and distributed enterprise.
Cybersecurity has long been a domain of innovation but is reaching a point of diminishing returns. According to Gartner, end-user spending for the information security and risk management market is estimated to grow at a compound annual growth rate of 8.7% from 2020 through 2025 to reach $213.7 billion in U.S. dollars(1). At the same time, Cybersecurity Ventures reports global cybercrime costs are expected to grow by 15% per year over the next five years, reaching $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015(2).
VMware believes the answer is not some new security product or feature, or a different type of analytics. What’s needed are structural and architectural changes to how organizations approach security. VMware Security enables customers to implement Zero Trust with fewer tools and silos, and scale response with confidence, speed, and accuracy by joining the critical control points of users, devices, workloads, and networks and delivering security as a built-in distributed service. VMware Security enables customers to better detect and respond to exposures and attacks quickly; remediate known and potential threats faster; simplify security operations; and make more effective use of resources.
New Threat Landscape Report Highlights Extent of Threats Evading Perimeter Defenses
Highlighting the need for a new approach, particularly inside the perimeter, is a newly released threat landscape report from the VMware Threat Analysis Unit(3). In “North-by-South-West: See What Evaded Perimeter Defenses,” the findings are clear: despite a cadre of perimeter defenses being deployed, malicious actors are actively operating in the network. The research presents a clear picture of how attackers evade perimeter detection, infect systems, and then attempt to spread laterally across the network to execute their objective. Key insights include:
The best offense is to evade defense: Evasion of defense systems is the most encountered MITRE ATT&CKtactic used by malware, followed by execution and discovery. More than half of the network anomalies detected are unusual beaconing, followed by connections on suspicious ports and anomalous connections between two hosts.
When it’s commonly used, it’s commonly abused: Email continues to be observed as the most common attack vector to gain initial access with more than four percent of all business emails analyzed containing a malicious component. Attackers appear to be massively scaling up operations via an email campaigns weaponizing ZIP file attachments with malicious content. More than half of all malicious artifacts analyzed were delivered by a Zip archive. Finally, more than 75 percent of lateral movement events identified were conducted using Remote Desktop Protocol (RDP) often using stolen credentials to log in to other hosts on the network.
In with the new (no but out with the old): The most common bad security practice being observed is the transmission of clear-text passwords over the network, which can provide attackers the keys to the kingdom, enabling them to move laterally and exfiltrate data. Additionally, events associated with crypto mining activity account for a quarter of all known threats observed, signaling a new threat vector that is emerging.
VMWARE SESSIONS AT RSA CONFERENCE 2021
Keynote – Telling Hard Truths to Impact Change in Cybersecurity
Monday, May 17, 2021 starting at 8:35 AM PT
Jimmy Sanders, Information Security, Netflix DVD
Angela Weinman, Head of Global Governance, Risk, and Compliance, VMware
Zero Trust, Zero Pain: A Practical Implementation of Zero Trust with Intrinsic Security
Monday, May 17, 2021 at 11:20 AM PT
Pere Monclus, CTO, Networking and Security business unit, VMware
Shawn Bass, CTO , End-User Computing business unit, VMware
Enemy Inside the Gates: Securing the New Battleground
Monday, May 17, 2021 at 12:05 PM PT
Tom Gillis, Senior Vice President and General Manager – Networking and Security business unit, VMware
Christopher Kruegel, Vice President of Security Services, VMware
SASE: Separating Fact from Fiction (BOF Roundtable)
Monday, May 17, 2021 at 3:30 PM PT
Tim Van Herck, Director Technical Product Management, VMware
Escalation from Heist to Hostage Modern Bank Heists 4.0
Tuesday, May 18, 2021 at 10:05 AM PT
Tom Kellermann, Head of Cybersecurity Strategy, VMware, and Member of the Cyber Investigations Advisory Board for the U.S. Secret Service
Creating a Culture of Resiliency (BOF Roundtable)
Tuesday, May 18, 2021 at 1:30 PM PT
Rick McElroy, Principal Cybersecurity Strategist, VMware
Attend the VMware On-Demand Briefings below
- Operationalizing Zero Trust with VMware (SB-3144)
- Zero Trust to Full Trust – Security for the Distributed Workforce (SB-3151)
- Improving Public Cloud Security & Compliance Posture (SB-3249)
- Shift Security Left and Accelerate Application Deployments (SB-3206)
- Data Center Security Survival Guide (SB-3145)
- How to Protect Your Remote Workforce from Ransomware Attacks (SB-3146)
1-Gartner “Forecast: Information Security and Risk Management, Worldwide, 2019-2025, 1Q21 Update,” March 2021, IDG00743366
2-CyberSecurity Ventures Special Report: Cyberwarfare in the C-Suite, November 2020
3-The report compiled by the VMware Threat Analysis Unit summarizes key data and findings observing millions of networks / network segments from July 2020 to December 2020. It highlights threats that evaded perimeter defenses and were identified by VMware sensors placed inside the perimeter.
VMware software powers the world’s complex digital infrastructure. The company’s cloud, app modernization, networking, security, and digital workspace offerings help customers deliver any application on any cloud across any device. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough technology innovations to its global impact. For more information, please visit https://www.vmware.com/company.html.
Roger T. Fortier
VMware Global Communications
+1 (408) 348-1569
VMware Global Communications
+1 (470) 247-1987
Source: VMware, Inc.