Arguably the biggest challenge facing the cyber security industry today is the shortage of skilled professionals. The worldwide skills gap is much reported and debated, with many organisations feeling the strain of not enough viable candidates to fill their vacant positions in an area that is seeing significant expansion in many organisations who are rightly beginning to take cyber security seriously.

Cyber threat detection and response is a well-established area of the cyber security industry today, with a multitude of product and service types and definitions (and many a ‘Magic Quadrant’).

According to Microsoft, Zero Trust is now ‘the top security priority’ for 96% of the interviewed security decision makers, while 76% were currently in the process of implementation. 90% of those interviewed stated that they were ‘familiar’ with Zero Trust and able to pass a knowledge test. The nature of this test and the appropriate right answers weren’t provided.

As cyber threats continue to evolve, investing in generic services and off-the-shelf products leaves organisations exposed by failing to deliver the specific outcomes they need. Repeating these investments each year means that the level of security never truly improves, as attackers effectively invest more than the defenders.

This article is the first in our series on the Science Behind Cyber Security. Cyber security is often seen as a bit like the wild west, where it’s difficult to differentiate genuine solutions from snake oil. You can counter this by applying a scientific approach to scrutinise your planned cyber investments. As a buyer, you can find reassurance in the science and logic of a solution.

The industry consensus today is that the only way to reliably end the threat of ransomware for good is to stop paying ransoms. Some have even gone so far as to suggest that they should be banned altogether. But because of a lack of public knowledge and transparency, it’s almost impossible to know the full scale of the problem to understand the right solution.

SpecterOps recently released an offensive security research paper that details techniques enabling an adversary to abuse insecure functionality in Active Directory Certificate Service. SpecterOps reports that abusing the legitimate functionality of Active Directory Certificate Service will allow an adversary to forge the elements of a certificate to authenticate as any user or administrator in Active Directory.

Arguably the greatest threat to organisations in 2021 is ransomware. Ransomware attacks proliferated in 2020, increasing by 435% compared to 2019. The number of ransoms paid has also increased from 39% in 2018 to 58% in 2020 (the figure is likely to be even higher when factoring in those organisations that have not disclosed whether a ransom has been paid).