In recent weeks we've seen threat actors stepping up ransomware attacks against hospitals at a moment when saving lives is their most important focus. To keep critical care operating uninterrupted, it’s become more important than ever for hospitals to harden their environment with ransomware prevention.Without secure  infrastructure, treatments and surgeries can and do grind to a halt. The operators of the Ryuk ransomware, for example, targeted 10 healthcare organizations over the course of the past month and are continuing to attack and encrypt data at healthcare organizations, according to Bleeping Computer.

Organizations in every industry and at every level of government face more cyberattacks each day. According to Ponemon Institute’s recent research, 68 percent of organizations note an increased frequency of attacks against their endpoints. Often, these threats are zero days, fileless attacks, in-memory exploits, and evasive malware designed to circumvent antivirus and endpoint detection and response solutions.

Recently, news came out about a CVE-2020-0674 vulnerability in Microsoft’s Internet Explorer scripting engine based on how the browser handles memory. More specifically, within the JScript component of the scripting engine is an unspecified memory corruption vulnerability. What this means in practice is that any application that supports embedding Internet Explorer or its scripting engine can be leveraged as an attack vector.

When looking at cyber defense best practices and models, one driving question, which also keeps CISOs up at night, is this:

What's the best way to orchestrate security telemetry and processes so that SOC operators and security teams can prevent more threats and scale threat response as a formidable force multiplier against the onslaught of unknown attacks and exploits?