As our world becomes increasingly interconnected and reliant on digital technologies, the importance of cybersecurity has never been more apparent. The evolution of cybersecurity has seen a shift in focus from merely preventing attacks to actively protecting our digital world from emerging threats and vulnerabilities.
Department of Homeland Security’s Strategy for Cybersecurity
The Department of Homeland Security (DHS) recently released a long-awaited strategy document outlining its priorities for deterring cyberattacks on critical infrastructure systems. The document emphasizes the need for enhanced public-private collaboration to mitigate cyber threats and warns that these threats have become more complex, with cascading impacts on multiple industries and sectors. The 2021 ransomware attack on the Colonial Pipeline is cited as an example of the real-world impacts of cyber vulnerabilities. DHS is committed to preventing and mitigating active threats through the work of the Cybersecurity and Infrastructure Security Agency (CISA) and has launched the Cybersecurity Talent Management System to expand its pool of high-skilled cyber talent.
ZeroFox Acquires LookingGlass Cyber Solutions
In a move to strengthen global attack surface management and threat intelligence capabilities, ZeroFox is acquiring LookingGlass Cyber Solutions, Inc. This acquisition will enable ZeroFox to provide customers with a single end-to-end platform for protecting their external attack surface from increasingly sophisticated cyberattacks. LookingGlass empowers public sector organizations, large enterprises, and industry security alliances at scale by providing extensive discovery, intelligence, and cyber defense capabilities. The acquisition is expected to close within the next 30 days, with additional guidance to be provided during the Q1 FY24 earnings call.
Subdomain Hijacking Vulnerabilities and CSC’s Solution
A recent report by CSC revealed subdomain hijacking vulnerabilities, with over 21% of DNS records reviewed pointing to content that does not resolve and over 277,000 DNS records showing error status codes such as “404 not found” or “502 bad gateway”. Dangling DNS, or inactive zones that do not point to content, are at risk of subdomain hijacking, which allows attackers to gain control of a legitimate subdomain to host fraudulent or malicious content. To combat this issue, CSC is introducing its new Subdomain Monitoring and
Enforcement product, powered by CSC’s DomainSec threat intelligence platform. This technology alerts DNS administrators and security engineers when changes to their zone records are detected, providing greater visibility on threat vectors targeting global domain portfolios. CSC is a trusted security and threat intelligence provider for enterprise domain names, DNS, digital certificate management, digital brand, and fraud protection.
The evolution of cybersecurity has brought about significant advancements in protecting our digital world from emerging threats and vulnerabilities. From the Department of Homeland Security’s strategy for cybersecurity to innovative solutions like CSC’s Subdomain Monitoring and Enforcement product, it is clear that the industry is taking a proactive approach to address the ever-evolving landscape of cyber threats. As we continue to rely on digital technologies in our daily lives, the importance of cybersecurity will only continue to grow.