• About
  • Subscribe
  • Contact
Wednesday, May 7, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Security

Offence is the best defence in cybersecurity

Allen Own by Allen Own
May 27, 2022
Photo by Andrea Piacquadio from Pexels: https://www.pexels.com/photo/strong-sportsmen-ready-for-running-on-stadium-3764011/

Photo by Andrea Piacquadio from Pexels: https://www.pexels.com/photo/strong-sportsmen-ready-for-running-on-stadium-3764011/

As we near the halfway point of 2022, enterprises around the world are preoccupied with cybercrime. Its spectre trumps concerns over the pandemic, war, climate change and even supply chain upheaval, according to the Allianz Risk Barometer.

Which cyber exposures concern your company most over the next year? (Top four answers)
Source: Allianz Risk Barometer 2022

The upheaval of the past two years and the mass migration of businesses online and to the cloud have created abundant new opportunities for technologically skilled criminals. Last year, the rate of weekly cyberattacks on firms increased 50%, and close to half of the global enterprises suffered ransomware attacks, from which recovery cost an average of US$1.85 million. Meanwhile, according to a Crowdstrike survey in APAC, over a quarter of the respondents say their organisations don’t have a cybersecurity emergency response plan or aren’t aware if one exists, and 70% of survey respondents are more concerned now about cyberattacks than before the pandemic.

The threat is ever-present and evolving, and traditional cybersecurity measures are struggling to keep up. Businesses have rightly made staff more aware of the risk and of their role in preventing attacks and have introduced mechanisms to make it easier to report suspicious activity such as phishing. But such measures are just the start of making an organisation more secure.  Many enterprises focus on single attack methods such as ransomware or viruses which, while widespread, are just facets of a much bigger problem caused by hackers.

At its core are increasingly sophisticated collectives of hackers who are experienced, advanced, well-informed, and can tailor attack methods to breach defences as needed.

Enterprises are like sitting ducks: they recognise the threat and are worried about it but are essentially waiting for it to strike them. Over the years, we found that even top-tier private and public sector organisations have shown that gaps or vulnerabilities remain after heavy investment in cybersecurity systems that check the boxes.

Shift cybersecurity mindset

A good starting point for an organisation is to conduct an audit of its information and where it sits. If even part of an enterprise’s external system is exposed to the internet, sensitive information may be at risk. It could also be a way for cyber attackers to gain control of core systems, which could suspend operations and services.

Organisations need to develop their cybersecurity strategy from the attackers’ perspective. As cybersecurity becomes a part of geopolitics and military-level concerns, businesses need to proactively detect risks to deflect attacks.

Any defence system that claims to be impenetrable will inevitably become penetrable — it is just a matter of time. A much better approach to building defence is to challenge an enterprise head-on to identify its weaknesses.

Offensive cybersecurity simulates the hacker mindset to carry out attacks in multiple intrusion scenarios, highlighting vulnerabilities and necessary fortification measures, and puts an enterprise on guard for when a real attack happens.

Offensive cybersecurity is on the rise

The adoption of offensive security services is on the rise around the world. The global penetration testing market is set to grow from US$1.6 billion in 2021 to US$3 billion by 2026. Between 2020 and 2021, Taiwanese enterprises that deployed the Red Team Assessment increased from 3.5% to 6.4%, a survey from iThome indicated.

These assessments can help identify zero-day vulnerabilities (previously unknown cracks in a piece of software) and test the resilience of employee passwords, physical hosts, virtual hosts and servers. Even stringent cybersecurity defensive measures can leave room for threat actors to breach; a pre-emptive stress test can put control back in an enterprise’s hands.

Organisations need to see the deployment of a defensive system as a starting measure, not a solution that they can leave to their own devices. It is critical for enterprises to utilise offensive cybersecurity measures to test their defences and put resources where they are most necessary. Only by thinking like hackers can we be successful in defeating them.

Related:  Digital banking innovation intensifies competition
Tags: Allianz Risk BarometerCrowdStrikecybersecurityDEVCORE
Allen Own

Allen Own

Allen Own is the co-founder and CEO at DEVCORE, a world-class offensive cybersecurity company. Having over 15 years of experience in red team assessment and penetration testing, Own heads up the team to explore cybersecurity defense postures of organisations through the simulation of a real-world intrusion, along with uncovering world-class vulnerabilities to safeguard the overall information security environment. Allen is also the co-coordinator of the Hacks In Taiwan Conference (HITCON).

No Result
View All Result

Recent Posts

  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR
  • Dataiku brings new AI capabilities to create and control AI agents
  • Microsoft reveals the rise of a new kind of organisation in the AI era
  • St Luke’s ElderCare enhances data security and user experience with Juniper

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe