Why should IT Auditors use Memory Forensics to enhance the cybersecurity posture of their clients?

Nieuws
14-06-2024
Robert Jan Mora
The fight against cybercrime requires more than traditional security measures. IT auditors, who assess the robustness of an organization's cybersecurity, must step up their game.

Auteur: Robert Jan Mora

1. Introduction

In the last decade, organizations have adopted Endpoint Detection and Response (EDR) capabilities to combat nation-state threats and cybercrime, often based on auditors' recommendations. However, EDR alone has not significantly reduced ransomware attacks. This is partly due to a lack of staff to interpret alerts and the growing ability of threat actors to evade EDR. A recent study showed that 26 EDR vendors failed to prevent all tested evasion techniques, with tools like EDRBlast rendering several EDR solutions ineffective1 en 2.

The fight against cybercrime requires more than traditional security measures. IT auditors, who assess the robustness of an organization's cybersecurity, must step up their game. Despite passing audits, many organizations still suffer from ransomware, highlighting the inadequacy of current controls. Auditors typically rely on interviews, documentation, and limited technical checks, which is no longer sufficient.

But how can auditors determine if a client's system or network is in a trusted state, compromised, or without specific "stated" controls without ever sampling and analyzing the volatile memory of critical systems?

[....]

Lees verder op: NOREA

Gerelateerde vacatures

Geïnteresseerd in een carrière bij organisaties in ditzelfde vakgebied? Bekijk hieronder de gerelateerde vacatures en vind de perfecte match voor jou!
Information Security Officer
Top vacature
ABN AMRO Pensioenfonds
In overleg
Senior
Amsterdam
Voor ABN AMRO Pensioenfonds zoeken wij een Information Security Officer. Je bent verantwoordelijk voor het identificeren van beveiligingsrisico’s en het ontwikkelen van passende maatregelen om deze risico’s te verminderen. Zodoende...
Meer lezen Direct solliciteren
Senior Ethisch Hacker - Cybersecurity
Top vacature
EY
Marktconform
Junior, Medior
Amsterdam
Als senior ethisch hacker in het team draag je bij door het proactief identificeren van cybersecurity risico’s en kwetsbaarheden, bedreigingen te monitoren en de effecten van echte aanvallen in de...
Meer lezen Direct solliciteren
Information security officer
Top vacature
Flynth
4.047 - 6.385
Medior, Senior
Arnhem
Je adviseert over informatiebeveiliging en cybersecurity. Je implementeert maatregelen samen met jouw collega’s om Flynth weerbaar te houden tegen dreigingen.
Meer lezen Direct solliciteren
Cyber Security Governance Lead
Top vacature
Stater
Max. 6.500
Medior
Amersfoort
Het CISO-office van Stater houdt Stater cyberveilig! Als onderdeel van de tweede lijn en rapporterend aan de CFRO, werk je nauw samen met IT, het IT Operations Security team en...
Meer lezen Direct solliciteren
Alle vacatures