The technology industry loves to use acronyms and jargon, and amidst all the news headlines about cybersecurity, you may have stumbled across a new term: zero-day.
A zero-day vulnerability is a flaw in a system or device that has been disclosed but has not yet been corrected through patches. Thankfully, these vulnerabilities are often discovered by the “good guys” — cybersecurity companies and software manufacturers — and fixes can be applied before any harm is done.
However, when a vulnerability is discovered by hackers, they will attempt to learn how they can exploit it to achieve their nefarious goals. Hackers will keep their discoveries hidden so that they can launch attacks before the vendor is even aware there’s a vulnerability.
We all hate being told our devices need a software update, but it is important to apply updates when they are due and to ensure that our businesses have an effective patching strategy.
To be more proactive, we now need to work from the assumption that a security breach is inevitable and focus on how we reduce the impact of such an event or stop malicious activity before damage is done.
New solutions such as Microsoft Advanced Threat Analytics use machine learning to look for the telltale signs of attacker behaviour, including credential theft, privilege escalation, lateral movement or even file changes, and block this malicious activity.
If an attacker is successful and gets on your network, do you have the tools, processes and technologies in place to mitigate the threat before the real damage is done?
Blair S. Lilford is the founder/owner of SALT Technology Group Ltd.