The most common attacks in the past year were zero-day exploits, in which new, unpatched vulnerabilities were used to compromise critical assets. In the case of "Polymorphic Attacks", the exploit code changes rapidly and automatically to prevent effective management and remediation. In 2019, expect this to continue at a high rate. The high demand for software, complicated by the time pressure to be agile, results in many more undiscovered vulnerabilities.
Questions you should be asking are:
- What will I do if zero-day vulnerabilities are discovered for a mission-critical system? Will I take it offline? Or allow it to function, knowing that it may be compromised?
- Which security vendors and products will I trust for effective triage in case of polymorphic attacks?
- What is the status of my systems for known vulnerabilities? Who manages this?
- Do I have cyber-insurance?