Certes has released a white paper that is dedicated to helping people protect themselves against zero-day threats.

As zero-day vulnerabilities escalate, with 97 incidents recorded in 2023—a staggering 56% increase from the previous year—organisations worldwide are realising that traditional perimeter defences are no longer adequate. 

In February of this year, a critical disclosure of zero-day vulnerabilities in Microsoft Exchange servers allowed attackers to execute remote code and access sensitive data. 

This incident amplifies the pressing need for a new cybersecurity approach, as detailed in the recent white paper by Certes, as it highlights the urgency of reassessing security strategies.

The challenge with zero-day vulnerabilities is that they are unknown to the software vendor at the time of exploitation. While Microsoft addressed some issues with patches, the lack of immediate solutions for unidentified vulnerabilities leaves organisations exposed to potentially devastating breaches.

The white paper reveals that zero-day vulnerabilities exploit unknown security flaws, bypassing traditional perimeter measures and leaving organisations vulnerable to data breaches and ransomware.

As highlighted by Certes’ research, no amount of perimeter security or credential-based authentication can fully mitigate the risk posed by these unseen threats.

As outlined in the whitepaper, the shift from reactive measures to a proactive, zero-trust data access approach is crucial. Certes states that their Data Protection and Risk Mitigation (DPRM) solution ensures that even if attackers infiltrate infrastructure through vulnerabilities like those in Microsoft Exchange, the data itself remains secure and worthless to the attackers.

“The Microsoft Exchange vulnerabilities are just one example of how relying on perimeter defences leaves organisations exposed,” Simon Pamplin, CTO of Certes, said. “To stay ahead, businesses need to shift focus from protecting the infrastructure to securing what really matters – the data.

“Our white paper challenges the conventional wisdom of perimeter-based security and advocates for a zero-trust approach. Hope is not a strategy.

“To protect our data and systems from the ever-evolving threats of zero-day attacks, we must adopt robust, proactive measures beyond traditional perimeter security.

“Our zero-trust model ensures that even in the face of zero-day exploits, your data remains sovereign and protected.”

For more information, read the white paper here.

To read more security news, click here.