In today’s rapidly evolving cybersecurity landscape, businesses face a growing array of sophisticated threats, from ransomware to advanced persistent threats. Ivan Shefrin, Executive Director of Managed Security Services at Comcast Business, discusses the latest cybersecurity trends the company is monitoring and how these trends are shaping their strategy and solutions. Shefrin also shares insights into the unique challenges different-sized enterprises face and how Comcast Business leverages AI and automation to stay ahead of cyber risks.
Given the recent surge in sophisticated cyberattacks such as ransomware and advanced persistent threats, what are the most significant cybersecurity trends that Comcast Business is currently monitoring? How are these trends influencing your strategy and solutions?
Cyberattacks are getting more sophisticated, more accessible, and more frequent. Comcast Business found that customers faced billions of phishing attempts, DDoS attacks, and application exploits. We analyzed over 29 billion cybersecurity events to offer security leaders a comprehensive view of the threat landscape and actionable insights to help organizations improve their security.
These attacks are evolving with new tactics and consequences. Phishing attacks, for example, were used to spread malware like Agent Tesla, a remote access trojan (RAT) that targets users with Microsoft Windows OS-based systems. Agent Tesla steals credentials and has been active since 2014. Hackers also exploit unpatched applications, targeting popular public-facing ones like Barracuda Web Application Firewalls, Atlassian Confluence, Apache Struts, and the File Manager Plugin for WordPress. Our own data recorded over 607 million attempts to exploit these applications.
To combat this, organizations need advanced phishing detection and a proactive, layered security approach. This includes investing in solutions like Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR), which can help IT staff detect early-stage threats by monitoring network activity for anomalies. They use AI to proactively identify and stop malware, phishing, and ransomware, protecting applications, systems, and users on enterprise networks.
As threats change, organizations must adopt new strategies to stay ahead.
Comcast Business serves small, medium, and large enterprises. How do the cybersecurity need, and challenges differ across these segments, and what tailored solutions does Comcast Business offer to address these unique requirements?
Cyberattacks are increasing and affecting businesses of all sizes. Small businesses are vulnerable due to lack of resources, remote work, and heavy use of unmanaged personal devices. Our data shows a significant spike in malware and botnet activity targeting small businesses this year. As more small businesses adopt remote and hybrid work, they've become prime targets for cybercriminals.
To combat these threats, it's crucial for small business owners to implement a strong security strategy with multiple layers of protection. This means using a combination of security solutions like Multi-Factor Authentication (MFA), next-generation firewalls, making backups of critical data, and deploying endpoint protection to fortify their defenses. Partnering with a trusted managed security provider to enhance in-house capabilities is often the only way for many resource-constrained small business owners to protect themselves from costly data breaches.
Of course, large enterprises also need a multi-layered approach to cybersecurity, which we commonly call “Defense in Depth”. By combining advanced protection, managed detection and response, and ongoing patching and security hygiene programs, enterprises can more effectively safeguard their valuable digital assets and defend against complex threats.
With the increasing adoption of AI and automation in cybersecurity, how is Comcast Business leveraging these technologies to enhance threat detection and response? Can you provide some insights into the effectiveness of these technologies in mitigating cyber risks?
At the same time our customers’ attack surface is dramatically expanding, AI is playing a bigger role in cybersecurity, from how we detect and analyze threats to how we respond. It can analyze vast amounts of data and automate routine tasks, making security teams more effective. AI’s primary function today is to augment rather than replace human security analysts as they analyze and respond to the latest threat vectors. For example, a common security problem is identifying unknown “rogue” IP addresses for which we detect security threats in customer environments. AI is helping Comcast identify likely system and application owners with a high degree of certainty.
Automated systems such as MDR can continuously monitor, detect, and respond to threats that land inside our customers’ networks. Using AI and machine learning, these systems can identify suspicious activity, anomalies, and potential security breaches. Additionally, they can automate routine tasks like incident response and compliance reporting, saving time and reducing human error. In fact, our analysis of EDR and MDR data shows how these services are essential for detecting and blocking advanced cyberattacks.
While AI is a powerful tool, it's important to remember that it’s not a silver bullet. Human expertise is still needed to interpret AI's insights and make informed decisions. Business leaders and IT teams must understand how to use AI-powered tools effectively to strengthen their defenses.
Looking ahead, what do you see as the future of managed security services in the context of evolving cyber threats? How is Comcast Business preparing to adapt to these changes and continue providing robust security solutions to its customers?
Managed security services are changing how organizations approach their cybersecurity strategies. Tools like EDR, MDR, and Network Detection and Response (NDR) services have become essential for many IT leaders. These services let providers take a more hands-on role in a company’s security, which means in-house teams can focus on other priorities while experienced professionals handle threat detection and response.
Many of these services offer 24/7 monitoring and advanced threat detection, creating a robust strategy that keeps pace with evolving cyber threats. This is especially beneficial for smaller businesses that may lack the manpower for a full security team. With more resources and expertise dedicated to cybersecurity, organizations can significantly enhance their protection.
Comcast Business is at the forefront, offering a variety of modern managed services that can be tailored to fit each organization's unique needs. From traditional managed security services to more proactive MDR solutions, we are helping clients find the right fit to protect their businesses from cyber threats.