{"id":3929,"date":"2022-06-24T15:54:49","date_gmt":"2022-06-24T19:54:49","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=3929"},"modified":"2022-12-19T14:24:02","modified_gmt":"2022-12-19T18:24:02","slug":"3-keys-to-preventing-ransomware-and-lateral-movement-threats","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/","title":{"rendered":"3 Keys to Preventing Ransomware and Lateral Movement Threats"},"content":{"rendered":"<p style=\"text-align: justify;\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3930 size-full\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware.jpg\" alt=\"3 Keys to Preventing Ransomware and Lateral Movement Threats\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware-300x150.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware-768x384.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware-540x270.jpg 540w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware-162x81.jpg 162w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/p>\n<p style=\"text-align: justify;\"><em><strong>As part of Solutions Review\u2019s Premium Content Series\u2014a collection of contributed columns written by industry experts in maturing software 
categories\u2014Chad Skipper, the Global Security Technologist at <a href=\"https:\/\/www.vmware.com\/\">VMware<\/a>, shares insights on preventing\u00a0ransomware and lateral movement threats.<br \/>\n<\/strong><\/em><\/p>\n<p style=\"text-align: justify;\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/01\/SR-Premium-Content.gif\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-3778 size-full\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/01\/SR-Premium-Content.gif\" alt=\"3 Keys to Preventing Ransomware and Lateral Movement Threats\" width=\"105\" height=\"110\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/01\/SR-Premium-Content.gif 105w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/01\/SR-Premium-Content-77x81.gif 77w\" sizes=\"(max-width: 105px) 100vw, 105px\" \/><\/a>The proliferation of ransomware is sobering. In 2016, on average, a business fell victim to a ransomware attack every 40 seconds at the cost of $1 billion annually. By the end of 2019, it was every 14 seconds. According to <a href=\"https:\/\/cybersecurityventures.com\/global-ransomware-damage-costs-predicted-to-reach-20-billion-usd-by-2021\/\">Cybersecurity Ventures<\/a>, the current frequency is every 11 seconds, with global damage estimated at around $20 billion.<\/p>\n<p style=\"text-align: justify;\">Along with the ransomware numbers, cyber-attack severity is growing as threat groups innovate and infiltrate more organizations. It\u2019s time for those in the security trenches to double down on technologies that help our businesses gain complete visibility \u2013 as you can\u2019t protect what you can\u2019t see. 
Ultimately, this will help us defend against cyber-attacks, like ransomware, more effectively.<\/p>\n<p style=\"text-align: justify;\">This is especially urgent as many ransomware attacks involve some type of double extortion. That&#8217;s when bad actors trade the stolen data and sell it to third parties as well as ransom the same data back to the business, effectively doubling their gain. This is becoming a favored tactic of well-funded syndicates specializing in ransomware as a service. Adversaries remain in the environment for upwards of 287 days before businesses even detect they\u2019ve been breached, according to <a href=\"https:\/\/securityintelligence.com\/posts\/2021-x-force-threat-intelligence-index-reveals-linux-malware-spoofed-brands-covid-19\/\">IBM\u2019s X-Force Threat Intelligence Index 2021<\/a>. And that\u2019s beyond unacceptable.<\/p>\n<p style=\"text-align: justify;\">At the heart of a better approach is improved visibility. Traditional appliance- or agent-based security solutions can&#8217;t see internal traffic. That leaves you blind to malicious activity for long periods of time. In other words, if you can&#8217;t see it, you can&#8217;t protect it. And perimeter firewalls designed for north-south traffic today are ineffective at delivering the control and performance needed to defend dynamic workloads. What\u2019s needed is a distributed, granular enforcement model for securing east-west traffic that starts with visibility into every network packet.<\/p>\n<p style=\"text-align: justify;\">I\u2019m an advocate for 100 percent visibility, especially into east-west traffic, through observability, which increases fidelity and efficacy while reducing operational cost and complexity. 
Today, VMware delivers three core technologies providing visibility into every single packet traversing multi-cloud environments:<\/p>\n<h3 style=\"text-align: justify;\"><strong>Intrusion Prevention\/Intrusion Detection<\/strong><\/h3>\n<p style=\"text-align: justify;\">With VMware\u2019s distributed firewall capabilities, teams can see nefarious actions quickly, including remote code execution or the beginning of an adversary\u2019s command and control activity. If a bad actor gains control, VMware NSX Distributed IDS\/IPS detects east-west movement between servers, for example, which can be due to open ports inside a data center that allow bad actors to continue exploiting vulnerabilities within the environment. A better defense is to apply micro-segmentation when an application or workload is deployed, effectively reducing the blast radius of a compromised host.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Network Sandbox<\/strong><\/h3>\n<p style=\"text-align: justify;\">Organizations are in great need of insights, and getting them is best accomplished by inspecting all payloads shared within multi-cloud environments. A full system emulated network sandbox is integrated into the VMware hypervisor to enable inspection of payloads (even encrypted traffic) being shared across the infrastructure. This technology detects malicious artifacts and prevents them from being executed and proliferating. This hypervisor-enabled network sandbox is ideal for preventing the lateral spread of malware within your multi-clouds.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Network Traffic Analysis and Detection Response<\/strong><\/h3>\n<p style=\"text-align: justify;\">Another best practice is to choose a technology that baselines all the traffic inside the multi-cloud environment, cataloging protocols to detect anomalous activity. 
Because not all anomalies are malicious\u2014it could simply be an unusual time for someone to access a system\u2014this technology also assesses whether the anomalous network activity is even security-relevant. We leverage the labeled behaviors and network traffic generated by analyzing millions of samples daily. And we use our deep security domain expertise to make sure that we pick the right features and suitable algorithms. Our technology uses individual threat actor events, from initial access discovery to lateral movements to data collection to exfiltration and destruction, to create a timeline of what that threat actor does to help pinpoint threats. The technology significantly reduces false positives by labeling behaviors and network traffic rather than analyzing millions of samples daily.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Conclusion<\/strong><\/h3>\n<p style=\"text-align: justify;\">The end goal, of course, with all three actions is to prevent attackers or reduce dwell time in the organization\u2014a goal only possible by ensuring visibility into every single packet inside of the network. When it comes to preventing disruptive ransomware attacks, I believe the more we security pros can help our organizations see, the better we will be at helping our businesses keep data safe.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>As part of Solutions Review\u2019s Premium Content Series\u2014a collection of contributed columns written by industry experts in maturing software categories\u2014Chad Skipper, the Global Security Technologist at VMware, shares insights on preventing\u00a0ransomware and lateral movement threats. The proliferation of ransomware is sobering. 
In 2016, on average, a business fell victim to a ransomware attack every [&hellip;]<\/p>\n","protected":false},"author":208,"featured_media":3930,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1,43],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>3 Keys to Preventing Ransomware and Lateral Movement Threats<\/title>\n<meta name=\"description\" content=\"Chad Skipper, the Global Security Technologist at VMware, shares insights on preventing ransomware and lateral movement threats.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"3 Keys to Preventing Ransomware and Lateral Movement Threats\" \/>\n<meta property=\"og:description\" content=\"Chad Skipper, the Global Security Technologist at VMware, shares insights on preventing ransomware and lateral movement threats.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-24T19:54:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-12-19T18:24:02+00:00\" \/>\n<meta property=\"og:image\" 
content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chad Skipper\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chad Skipper\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/\",\"name\":\"3 Keys to Preventing Ransomware and Lateral Movement Threats\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware.jpg\",\"datePublished\":\"2022-06-24T19:54:49+00:00\",\"dateModified\":\"2022-12-19T18:24:02+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/f22f0991169111eae37454d7bda1b803\"},\"description\":\"Chad Skipper, the Global Security Technologist at VMware, 
shares insights on preventing ransomware and lateral movement threats.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2022\/06\/Ransomware.jpg\",\"width\":800,\"height\":400,\"caption\":\"3 Keys to Preventing Ransomware and Lateral Movement Threats\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/3-keys-to-preventing-ransomware-and-lateral-movement-threats\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"3 Keys to Preventing Ransomware and Lateral Movement Threats\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best 
Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/f22f0991169111eae37454d7bda1b803\",\"name\":\"Chad Skipper\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/60a1d32797c3fe94bb97283e94b6b4e8?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/60a1d32797c3fe94bb97283e94b6b4e8?s=96&d=mm&r=g\",\"caption\":\"Chad Skipper\"},\"description\":\"Chad Skipper serves as Global Security Technologist in the Network and Advanced Security Business Group at VMware. With more than 25 years in Information Security, Chad has served in many executive security technologist and strategist roles of endpoint, network, cloud, and hosted security services at Lastline, acquired by VMware, Cylance, acquired by Blackberry, Dell, Cisco, Symantec and is a USAF veteran.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/chadskipper\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->"}