IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
IT Pro Podcast

The IT Pro Podcast: Surveying today's threat landscape

With an expanding attack surface, can you afford to neglect detection in favour of response?

The IT Pro Podcast logo with the episode title 'Surveying today's threat landscape'

In a sector of changing priorities, cyber security remains at the top of the list in any boardroom. With the threat landscape presenting challenges old and new, and the increasing risk of entities such as state-sponsored hacking, it is essential that businesses carefully craft their cyber security strategy to keep ahead of the next big attack.

The speed that threats evolve now demands real-time action from companies, who must maintain oversight of their attack surface and maintain as many assets as possible against vulnerabilities such as Log4Shell.

This week, we spoke to Bernard Montel, technical director EMEA at exposure management firm Tenable, to discuss how businesses can tackle their threat surface area, and the biggest risks.

Highlights

“You will be surprised that a year after, we've done a study at Tenable, a lot of companies are still vulnerable to Log4Shell. It's not that they've been lazy. We've seen once one element, which is very important is called reinfection, they've fixed the vulnerabilities partially or completely, but they install new software, and new technology, and now suddenly, those new technologies unfortunately, were using a very old library of of Log4j.”

“I mean, this is the only way they have to force organisations to increase the level of security. If you go back, for example, to GDPR which came out from the EU. I mean, by applying GDPR everywhere, mechanically the level of security has increased. That doesn't mean that we have reduced the number of attacks, the number of attacks as well has increased, but if we all together try to upload the level or the greater level of security, then mechanically, you know, we are better prepared.”

“An organisation itself has more than 500,000 assets. How can you manage that? So, I would not blame them to not fix Log4Shell, that they didn't fix it in January or February. You know, we knew when Log4Shell came out how deep it was embedded into some of the technologies.”

Read the full transcript here

Footnotes

Subscribe

Featured Resources

What 2023 will mean for the industry

What do most IT decision makers really think will be the important trends and challenges in the coming year?

Free Download

2022 Magic quadrant for Security Information and Event Management (SIEM)

SIEM is evolving into a security platform with multiple features and deployment models

Free Download

IDC MarketScape: Worldwide unified endpoint management services

2022 vendor assessment

Free Download

Magic quadrant for application performance monitoring and observability

Enabling continuous updating of diverse & dynamic application environments

View Now

Recommended

The IT Pro Podcast: The problem with APIs
application programming interface (API)

The IT Pro Podcast: The problem with APIs

27 Jan 2023
The IT Pro Podcast: Building recession-proof architecture
Development

The IT Pro Podcast: Building recession-proof architecture

20 Jan 2023
The IT Pro Podcast: How upskilling is driving staff retention
Careers & training

The IT Pro Podcast: How upskilling is driving staff retention

13 Jan 2023
The IT Pro Podcast: Going passwordless
enterprise security

The IT Pro Podcast: Going passwordless

6 Jan 2023

Most Popular

Dutch hacker steals data from virtually entire population of Austria
data breaches

Dutch hacker steals data from virtually entire population of Austria

26 Jan 2023
GTA V vulnerability exposes PC users to partial remote code execution attacks
vulnerability

GTA V vulnerability exposes PC users to partial remote code execution attacks

23 Jan 2023
European partners expect growth this year, here are three ways they will achieve it
Sponsored

European partners expect growth this year, here are three ways they will achieve it

17 Jan 2023