Why cyber threats are increasing and what you can do about it

We are in the midst of a perfect storm, escalated by the COVID-19 pandemic’s shift to remote work and the increased number of entry points through which attackers can gain access to organizations’ sensitive data. The world is moving at the speed of code, and unfortunately, cybercriminals are evolving and innovating their attacks faster than security teams can detect, patch, or stop them. Even the most well-resourced corporations with hundreds of security personnel dedicated to researching, triaging, and responding to threats are having difficulty keeping up with the evolving threat landscape. Organizations must understand why emerging cyber threats continue to rise and the business consequences of not addressing them in a timely manner. First, let’s understand the motives behind cybercriminals.

What exactly are cybercriminals looking for?

There is a lot of money and political power involved in data. Cybercriminals may not know how to harness the data they are exploiting or even care what the data contains, but money can be made through blackmail and ransomware. In 2019, the city of Baltimore was infected with ransomware; attackers demanded 13 bitcoin per infected computer to regain access, approximately $75,000, and the attack ultimately resulted in $18 million in damages. Although the city of Baltimore has tens of thousands of employees, that does not mean cybercriminals only target large organizations. If your organization is like most companies, it probably holds sensitive customer or company data that cybercriminals will try to access and exploit.

The Challenges of Emerging Threats

Cloud service providers, such as Amazon Web Services, Google Cloud Platform, and Microsoft Azure, may have security features built into their platforms, and companies rely heavily, sometimes solely, on the built-in security tools. Still, these tools don’t necessarily protect you 100%. As cloud services become more complex and more SaaS applications are deployed, the number of entry points available for attackers goes up. Combined with the increasing number of endpoints, escalated in part by the COVID-19 pandemic and the overnight shift to remote work, this means cybercriminals are finding more ways to get in. Companies could rely on endpoint detection software and threat and vulnerability scanners to help secure the perimeter at one point in time. Still, the volume of data and alerts populated by these tools is overwhelming security teams, making it nearly impossible to understand if companies have been exposed or impacted.

The Promise of Data and the SIEM

Endpoint detection software and threat and vulnerability scanners are all tools that help security teams better understand the threat landscape, but consuming and triangulating the data from these applications is no easy feat. Many organizations rely on a SIEM (security information and event management) tool to aggregate the event data populated from the various applications. When purchasing a SIEM, companies are sold on the promise that with a SIEM, they will be able to harness their data. But for this data to be harnessed and analyzed, the process can take a skilled team six months to a year, or, for most, hundreds of thousands of dollars in professional services fees. The process, which involves normalizing, configuring, and aggregating the data (also known as data plumbing), is time-consuming, expensive, and requires highly technical talent, which organizations cannot afford in the current threat landscape.

The Cybersecurity Talent Gap

Every minute that passes from when a vulnerability or malware has been detected is an opportunity for another bad guy to get in and more sensitive data to be leaked. Multiple studies have found it takes organizations 85-100 days to patch (or fix) a vulnerability and, for the United States alone, the average number of days to identify and contain a breach is 227 days. In addition to the SIEM and data plumbing issues, the cybersecurity industry has a massive talent gap. It has been found that the United States has fewer than half the cybersecurity candidates it needs to handle increasing demand. Coupled with budget cuts and revenue loss from the COVID-19 pandemic, this makes it challenging for organizations to hire and retain qualified cybersecurity talent. How do we solve this problem with limited resources, a cybersecurity talent gap, and ever-increasing cyber threats?

How can we get ahead of cybercriminals?

To get ahead of cybercriminals, organizations must have the tools, visibility, and awareness to understand their environment better. Many organizations are turning to cyber insurance to protect themselves, but insurance providers require proof that cybersecurity controls are already in place and continuously monitored. Insurance is also great after the fact, but it does not solve the problem of getting ahead of cybercriminals or prevent the loss of customer trust.

The built-in security features on cloud platforms lack the context and “full picture” security teams need. Endpoint detectors and vulnerability and threat scanners populate way too much data for security teams to understand and act on quickly. SIEMs, although excellent as a system of record, take months of data plumbing to set up before delivering any meaningful insights and still require ongoing upkeep. SIEMs are also expensive tools, with annual costs ranging from tens of thousands to over $100,000, that only the largest corporations with big budgets and large staffs can tool out properly, leaving the majority of companies vulnerable. This is why we’ve built Fletch: ready-to-use analytics to help organizations defend themselves against emerging cyber threats.

How is Fletch solving this problem?

Think of Fletch as a lens into an organization’s environment, whether your organization is on-premises, in the process of moving to the cloud, hybrid, or 100% cloud-based. With Fletch, organizations can now instantly understand if they are vulnerable to a threat and if they have been impacted. If an organization has been impacted, Fletch will surface the most critical steps you should be prioritizing to eradicate the threat. Additionally, Fletch helps prove to cyber insurance providers that you have the controls, measures, and continual monitoring in place to remain insurable.

We are starting by integrating with applications like:

  • Amazon Web Services
  • Microsoft Azure
  • Google Cloud Platform
  • Carbon Black
  • Qualys
  • Rapid7 (coming soon)
  • CrowdStrike (coming soon)
  • Tenable (coming soon)

With Fletch, we have automated the data plumbing process to get the telemetry and visibility within 24 hours, instead of six months. Getting started with Fletch is simple:

  • Connect the selected integrations to Fletch. We require a read-only access key, and setup typically takes 15 minutes.
  • The Fletch platform has automated the data plumbing process (indexing, normalizing and configuring the data), which means no heavy lifting on your part.
  • Within 24 hours, you’ll start getting insights into your environment, so you know what to prioritize and how to address critical issues.

Now is the time to get ahead of cybercriminals and gain peace of mind by continuously monitoring your endpoints, environment, and sensitive data. If you are interested in learning more or joining our closed beta, sign up at fletch.ai or email us at beta@fletch.ai.