Navigating the Complex Landscape of Modern Threats, Zero Trust Strategies for Enhanced Security

The cat-and-mouse game between threat actors and cybersecurity professionals continued unabated in 2023, with new threats designed to avoid detection. Many of these threats are new takes on old ones, such as "leveling up" invoice fraud. And ransomware attacks are evolving; rather than encrypting victims’ data, they are straightforwardly stealing the information and extorting payment by threatening to post the info online or to simply erase it. As attack vectors evolve incessantly, the need to understand these threats intensifies. The Cybersecurity and Information Security Agency (CISA) released a report in July 2023 that examined a group of threat actors and how they were so successful. “Our attention was drawn immediately towards the identity and access management ecosystem; the way threat actors abused telecommunications providers; the relationships between organizations and their outsourcing companies; and how the law enforcement ecosystem plays a vital role in deterrence,” the report noted. Learning Objectives: -Review how old cyber threat techniques are being adapted to address cybersecurity measures taken by agencies and organizations, and the new attack vectors that are emerging. -Identify ways that having a zero-trust architecture can address these emerging threats. -Outline steps agencies can take to prioritize risks from new threats while maintaining vigilance against established attack vectors.