Alok Sahay Country Manager India Saarc

Alok Sahay
Sales Director India & SAARC
alok.sahay@holmsecurity.com
+91 8800-67 77 99

Welcome to India!

Hi! My name is Alok and I'm your local representative in India. Looking for a cyber security solution and vulnerability management? Let's talk! 

View products

Book demo

Faurani Ahmad Sales director Southeast Asia

Ahmad Faurani
Sales Director Southeast Asia
ahmad.faurani@holmsecurity.com
+60 19 434 2727

Welcome to Malaysia!

Hi! My name is Ahmad Faurani and I'm your local representative in Malaysia. Looking for a cyber security solution and vulnerability management? Let's talk! 

View products

Book demo

cristian-miranda-holm-security

Cristian Miranda
Key Account Manager, Finland
cristian.miranda@holmsecurity.com
+46 8-550 05 582

Tervetuloa Suomeen!

Hei! Nimeni on Cristian ja olen paikallinen edustajasi Suomessa. Etsitkö tietoturvaratkaisua ja haavoittuvuuksien hallintaa? Puhutaan!

Lue lisää

Kirjaesittely

victor-bunge-meyer-holm-security

Victor Bunge Meyer
Key Account Manager, Sverige
victor.bunge-meyer@holmsecurity.com
+46 08-550 05 582

Holm Security i Sverige

Välkommen till Holm Security i Sverige! Jag heter Victor och är din lokala kontakt. Kontakta mig om du vill veta mera om vår platform för sårbarhetsanalyser. 

Läs mer här

Boka demo

 

Beth Murrell holm security

Beth Murrell
Account Manager, Benelux
elizabeth.murrell@holmsecurity.com
+31-20-238 63 94

Welkom in de Benelux!

Mijn naam is Beth Murrell en ik ben uw lokale vertegenwoordiger in Nederland, België en Luxemburg. Op zoek naar een cyberveiligheidsoplossing en kwetsbaarheidsbeheer? Laten we praten!

Lees verder

Boek een demo

jens dahlkvist holm security

Jens Dahlkvist
Key Account Manager, Norge
jens.dahlkvist@holmsecurity.com
+46 8-550 05 582

Holm Security i Norge

Velkommen til Holm Security i Norge! Jeg heter Jens og er din lokale kontaktperson.Kontakt meg hvis du vil vite mer om vår plattform for sårbarhetsanalyser.

Les mer

Personlig demo

Ronnie Jensen

Ronnie Jensen
Country Manager Denmark
ronnie.jensen@holmsecurity.com
+45 31 12 10 05

Holm Security i Danmark

Velkommen til Holm Security i Danmark! Mit navn er Ronnie og jeg er din lokale kontaktperson. Kontakt mig, hvis du vil vide mere om vores sårbarhedsanalyseplatform.

Læs mere

Personlig demo

Cyber security predictions 2020

Image of Jonas Lejon
Jonas Lejon

January 17, 2020

A new year, new vulnerabilities. From appliance hacking to password spraying - our security predictions on what we think will impact the cyber security landscape in the next year. Here are our cyber security predictions for 2020. Stay safe!

Password spraying & credential stuffing

An often-recurring question I get asked is: “When do you think passwords will disappear?”. Whatever we do we will have to tolerate passwords and PIN codes for many years to come. Attackers benefit from this by finding more platforms and protocols to try and guess the correct username and password.

My prediction is that even more platforms and protocols will experience forced attempts regarding usernames and passwords along with an increase in attacks using, for instance, 2FA through MITM (man-in-the-middle)

Zero trust & assume breach

We need to build our network and IT architecture in such a way that even if an attacker can get into an individual client computer, they are unable to escalate their rights or get further without this being promptly discovered and investigated. This demands a continuous Threat Hunting effort and good solutions for Endpoint Detection and Response (EDR).

It is important to have a baseline over how your environment looks i.e how network traffic flows and where, which software should be installed, etc., to make it more difficult to access business-critical information. It is then, therefore, easier to identify any conspicuous pattern - assuming that the attacker is already in your networks.

Appliance hacking

Last year we saw countless closed platforms, On-Premise, such as Citrix NetScaler, Pulse Secure, Fortigate (see blogpost in Swedish, external link: https://kryptera.se/attacker-mot-ssl-vpns/). Since the hardening of these platforms is often neglected and the data logging inadequate, it is consequently difficult to carry out forensic investigations and detect intrusions.

And as such, these units are usually in a central point where many are connecting or a lot of traffic pass-through occurs, making it a gold mine for attackers. In addition to reading and modifying traffic passing through the unit, there is also the opportunity to attack connecting clients. In this area, I also include Supply Chain Cyber Security, because everything that is connected and plugged into your systems should be checked, defined, or isolated.

Note that firmware/software updates can have both favorable and adverse effects on your environment in terms of security.

Threat sharing

This prediction is probably just wishful thinking on my part. Specifically, that more organizations are getting better at sharing IOCs and infringement information. With enhanced transparency and systems that enable automatic and rapid sharing of threat information, such as MISP (external link: https://www.misp-project.org/index.html) or TheHive (external link: https://thehive-project.org/).
If you work in a specific industry, I will argue that it is very important that you share your threat information – within your particular industry.

It would be serious malpractice if I did not mention MITRE's ATT&CK framework that is constantly evolving and making it easier to share issues that are not purely technical IOCs such as Tactics, Techniques, and Procedures (TTPs). An additional thought for your organization is to investigate how ATT&CK can be used in your security products such as antivirus software.

Honorable mentions

A continually recurring problem is all the connected gadgets (Internet of Things) where new vulnerabilities are discovered daily. This will most likely not decrease any time soon as more things are become connected. And perhaps 2020 be the year when we will see more security products with Artificial Intelligence (AI)?

 

Cyber Security Starts Here! 👇

Vulnerability Management is a cornerstone in a modern cyber security defense.

Book demo now

screen-shot-holm-security