Connect with us

Expert Speak

The Value of Business Risk Observability in Managing Modern Application

Published

2 years ago

on

Written by Joe Byrne, CTO Advisor, Cisco AppDynamics

As the modern workforce has become distributed across offices and remote locations, so have the applications employees depend on to carry out their work. These distributed applications have drastically changed the security paradigm, drawing out the attack surface area of the digital enterprise. Attackers have been quick to exploit this trend, with research by Red Hat revealing that the majority (93%) of businesses experienced at least one security incident in their Kubernetes environments in the past 12 months.

In the Middle East, governments such as those in the UAE and Saudi Arabia have clearly laid out cloud-first strategies, and subsequently, cloud-native application development is gaining momentum. While this enables organizations to innovate at greater speed and scale, it is also exponentially raising complexity for application and security teams. In a recent Cisco study, ​​92% of global technologists admitted that the rush to rapidly innovate and respond to the changing needs of customers has come at the expense of robust application security during software development.

The UAE’s Head of Cyber Security Mohammed Hamad Al Kuwaiti recently said that the UAE Cyber Security Council cooperates with its partners in deterring over 50,000 cyber-attacks per day. Facing such numbers, it is easy to see how organizations are getting overwhelmed and why a solution must be found.

Application security is essential to the business
The Red Hat study showed that almost a third (31%) of organizations that faced a security incident consequently experienced financial or customer losses. IT teams need to act quickly and decisively in order to protect their customer data and the reputation of their organizations. This means ensuring they have the tools, insights and working practices to bring together applications and security teams to securely develop and deploy modern applications. Crucially, businesses need to apply business context to their security findings so that teams can rapidly locate, assess and prioritize risk, and then remediate issues based on potential business impact.

Applications are now the enabler of business — be it the digital services customers use to interact with organizations, or the enterprise applications employees rely on daily. As a result, brand trust and loyalty are now built upon application availability, security, and performance.

However, with the shift to cloud-native technologies, vulnerabilities can occur anytime and anywhere. This makes it incredibly difficult and time-consuming for application teams and security teams to assess risks and prioritize actions. What they need is clear visibility of each new security risk with real-time vulnerability analytics. But with so many new and constantly changing threats within Kubernetes environments, traditional vulnerability scanning solutions simply don’t provide adequate information.

Business risk observability is now a business imperative
To be as effective as possible, security teams need to be able to evaluate the business risks of potential attacks, align teams and triage threats. To do this, they need to rapidly pinpoint where vulnerabilities exist across application entities — business transactions, services, workload, pods and containers — so that they can quickly isolate them. They then need to assess the severity of these risks, the likelihood that they will be exploited and the risk to the business of each issue.

With ever-increasing numbers of threats, prioritization is key, and this type of business risk observability is essential for technologists to understand and prioritize risks. By combining application performance data and business impact context with vulnerability detection and security intelligence, IT teams can prioritize security issues with a business risk score. This will allow them to easily identify which business transactions present the greatest risk to their organization. For instance, they can assess the risk to sensitive customer data resulting from a particular business transaction, or calculate the potential for loss of revenue.

This approach reframes the cybersecurity threat in a more meaningful context. Instead of firefighting from one issue to the next, as they occur, security teams can act more strategically, based on real-time business transaction data. By prioritizing security issues with business context, they can improve key metrics such as mean time to detect (MTTD) and mean time to remediation (MTTR).

It is encouraging to see that technologists are recognizing the need for change — 93% state that it’s now important to be able to contextualize security so that they can correlate risk in relation to other key areas such as the application, user and business, and to prioritize vulnerability fixes based on potential impact. Perhaps most importantly, business risk observability helps application and security teams come together around a single source of truth for all application availability, performance and security data. In the era of zero-day threats, where vulnerabilities can remain unknown for long periods of time, such a framework enables all teams to work cross-functionally on secure deployments of modern applications.

Business risk observability provides a platform for IT departments to shift to an integrated DevSecOps approach. Teams are able to collaborate far more effectively and embed security into the application lifecycle from the outset, with development teams adhering to the organization’s most critical security priorities.

The benefits of business risk observability
Gartner predicts that 95% of new digital workloads will be deployed on cloud-native platforms by 2025.  Attackers will undoubtedly be taking note of this, and we can expect that Kubernetes within modern application environments will become an increasingly attractive target. For IT leaders, this represents a significant new threat that they simply haven’t had to consider before. Application security will need to become a major priority for IT departments in all sectors.

There is no abating the flood of applications in the modern enterprise. They have become an essential part of how businesses operate, and in many cases, offer the decisive competitive edge. Recognizing this, organizations must strive to protect their most valuable assets. Business risk observability provides them with an effective means to do so, ensuring applications effectively serve their end purpose of boosting customer loyalty and driving revenues.

Related Topics:
Continue Reading

Artificial Intelligence

How AI is Reinventing Cybersecurity for the Automotive Industry

Published

4 weeks ago

on

April 23, 2025

By

Written by Alain Penel, VP of Middle East, CIS & Turkey at Fortinet (more…)

Continue Reading

Cyber Security

Positive Technologies Study Reveals Successful Cyberattacks Nett 5X Profits

Published

2 months ago

on

March 25, 2025

By

Positive Technologies has released a study on the dark web market, analysing prices for illegal cybersecurity services and products, as well as the costs incurred by cybercriminals to carry out attacks. The most expensive type of malware is ransomware, with a median cost of $7,500. Zero-day exploits are particularly valuable, often being sold for millions of dollars. However, the net profit from a successful cyberattack can be five times the cost of organizing it.

Experts estimate that performing a popular phishing attack involving ransomware costs novice cybercriminals at least $20,000. First, hackers rent dedicated servers, subscribe to VPN services, and acquire other tools to build a secure and anonymous IT infrastructure to manage the attack. Attackers also need to acquire the source code of malicious software or subscribe to ready-to-use malware, as well as tools for infiltrating the victim’s system and evading detection by security measures. Moreover, cybercriminals can consult with seasoned experts, purchase access to targeted infrastructures and company data, and escalate privileges within a compromised system. Products and tools are readily available for purchase on the dark web, catering to beginners. The darknet also offers leaked malware along with detailed instructions, making it easier for novice cybercriminals to carry out attacks.

Malware is one of the primary tools in a hacker’s arsenal, with 53% of malware-related ads focused on sales. In 19% of all posts, infostealers designed to steal data are offered. Crypters and code obfuscation tools, used to help attackers hide malware from security tools, are featured in 17% of cases. Additionally, loaders are mentioned in 16% of ads. The median cost of these types of malware stands at $400, $70, and $500, respectively. The most expensive malware is ransomware: its median cost is $7,500, with some offers reaching up to $320,000. Ransomware is primarily distributed through affiliate programs, known as Ransomware-as-a-Service (RaaS), where participants in an attack typically receive 70–90% of the ransom. To become a partner, a criminal must make a contribution of 0.05 Bitcoin (approximately $5,000) and have a solid reputation on the dark web.

Another popular attack tool is exploits: 69% of exploit-related ads focus on sales, with zero-day vulnerability posts accounting for 32% of them. In 31% of cases, the cost of exploits exceeds $20,000 and can reach several million dollars. Access to corporate networks is relatively inexpensive, with 72% of such ads focused on sales, and 62% of them priced at under a thousand dollars. Among cybercriminal services, hacks are the most popular option, accounting for 49% of reports. For example, the price for compromising a personal email account starts at $100, while the cost for a corporate account begins at $200.

Dmitry Streltsov, Threat Analyst at Positive Technologies, says, “On dark web marketplaces, prices are typically determined in one of two ways: either sellers set a fixed price, or auctions are held. Auctions are often used for exclusive items, such as zero-day exploits. The platforms facilitating these deals also generate revenue, often through their own escrow services, which hold the buyer’s funds temporarily until the product or service is confirmed as delivered. On many platforms, these escrow services are managed by either administrators or trusted users with strong reputations. In return, they earn at least 4% of the transaction amount, with the forums setting the rates.”

Considering the cost of tools and services on the dark web, along with the median ransom amount, cybercriminals can achieve a net profit of $100,000–$130,000 from a successful attack—five times the cost of their preparation. For a company, such an incident can result not only in ransom costs but also in massive financial losses due to disrupted business processes. For example, in 2024, due to a ransomware attack, servers of CDK Global were down for two weeks. The company paid cybercriminals $25 million, while the financial losses of dealers due to system downtime exceeded $600 million.

Continue Reading

Expert Speak

What the Bybit Hack Reveals About the Future of Crypto Security

Published

2 months ago

on

March 8, 2025

By

Written by Oded Vanunu, Chief Technologist & Head of Product Vulnerability Research at Check Point (more…)

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.