Proactive cyber defence: Managing the growing risk of zero-day vulnerabilities
In today's digitally driven world, the race between cyber attackers and defenders is more intense than ever. Every enterprise, regardless of industry, relies on a vast web of interconnected systems, cloud services, on-prem applications, and hybrid collaboration tools.
This interconnectedness, while essential for agility and growth, introduces a critical risk: the exploitation of zero-day vulnerabilities.
The recent
This flaw, which allows unauthenticated remote code execution, was actively exploited in the wild before any formal patch was released.
It's a textbook case of how attackers continue to innovate and why organisations must rethink how they manage cyber risk, especially for unknown and unpatched threats.
Zero-day realities: Not 'if,' but 'when?'
Zero-days are by nature invisible, until they're not. They represent flaws in software or systems that developers and defenders aren't yet aware of, but attackers may have already discovered and weaponised. This asymmetry creates a dangerous window of opportunity for malicious actors. In ToolShell's case, attackers were able to execute arbitrary code remotely, potentially gaining full control of affected systems.
While this particular case is notable, it is by no means unique. Whether targeting collaboration platforms, email servers, web frameworks, or even security tools themselves, zero-day vulnerabilities are becoming a standard tactic in the modern attacker's playbook. This brings forth a pressing question: how can organizations prepare for threats they cannot see?
Building cyber resilience: From reactive to proactive
Effective cybersecurity in the face of zero-day threats requires a multi-layered and forward-looking strategy. Here are five key focus areas every organization should adopt:
Assume breach and minimise blast radius
The first shift in mindset must be this: assume a breach is inevitable. This isn't pessimism, it's realism. By adopting an 'assume breach' posture, companies can invest in segmentation, access controls, and identity protections that limit how far an attacker can move once inside.
Privileged access should be limited, lateral movement should be monitored, and sensitive data must be isolated.
Adopt extended detection and response (XDR)
Detection is no longer enough; organizations need tools that correlate behavior across endpoints, identities, cloud workloads, and networks. XDR platforms provide that visibility, enabling faster detection of anomalies and coordinated response across environments.
When a zero-day is exploited, the ability to see the full kill chain and isolate affected systems becomes mission-critical.
Invest in threat intelligence and real-time updates
Staying ahead means being informed. Enterprises should subscribe to threat intelligence feeds and work with cybersecurity partners who offer real-time updates, including Indicators of Compromise (IOCs) and hunting queries, even before public advisories are issued. Early detection and context-rich threat intel can dramatically reduce dwell time and response lag.
Integrate vulnerability management with active monitoring
Traditional vulnerability management often runs on a monthly cadence, too slow for today's environment. Modern organizations need continuous vulnerability exposure assessments that integrate with their detection tools. If a system is found to be vulnerable, real-time flags should trigger proactive isolation or prioritization in patch pipelines.
Foster cross-team collaboration and executive visibility
Cyber risk is a business risk. IT, security, and executive leadership must collaborate closely to ensure that the organization's risk tolerance, response protocols, and communication plans are well understood and exercised.
Business continuity planning should include simulations for zero-day incidents — not just ransomware or known malware.
From defence to anticipation
While patching known vulnerabilities remains essential, organsations can no longer rely solely on post-exploit remediation. The key lies in anticipating threats through behavioral analysis, automated response, and architectural resilience.
Emerging technologies, including
This level of proactive defense is increasingly becoming the gold standard. It's also critical to eliminate blind spots. Tools should be able to detect unexpected process executions, unusual SharePoint or IIS behaviors, and anomalous command-line arguments, signs that something like ToolShell may be at play.
Staying one step ahead
Zero-days will continue to surface. Some may grab headlines; many will fly under the radar. But the organisations that thrive in this reality are those that don't wait for the news to act. They invest in proactive visibility, rapid containment, and flexible response strategies.
The ToolShell vulnerability may fade from news cycles in weeks, but the lesson it carries must remain: in cybersecurity, speed and preparedness make all the difference. The winners are those who treat zero-day defense not as a one-time effort, but as a core capability woven into the fabric of their technology, their processes, and their culture.
The writer is senior director, solutions engineer at SentinelOne, a global leader in AI-powered cybersecurity.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Tahawul Tech
an hour ago
- Tahawul Tech
Omnix strengthens digitisation in manufacturing solutions
Omnix International, a leader in digital transformation and innovative technology solutions, has announced a significant expansion of its manufacturing-focused digitisation solutions to address the growing demand for intelligent, immersive, and future-ready production ecosystems. The announcement reinforces Omnix's commitment to helping manufacturers move into the era of Industry 5.0, combining human-centric innovation with AI-powered automation, immersive collaboration, and sustainable operations. The move comes at a time when increasing global challenges such as supply chains, rising energy and operational costs, skilled labour shortages are accelerating the shift for manufacturers to transition from traditional operations to agile, data-driven environments. Walid Gomaa, CEO of Omnix said, 'As a long-standing provider of solutions to the manufacturing industry, we see that many companies are under pressure to work towards incorporating faster, smarter and more sustainable solutions. Our goal is to help them reimagine production through intelligent digitisation where the focus is not only on automating processes but moving away from a fragmented production ecosystem to one which is integrated, predictive and human centric.' Omnix's Digitisation in Manufacturing initiative brings together a range of powerful, scalable, modular solutions that can be tailored for manufacturers across sectors such as automotive, aerospace, electronics, oil & gas, and other manufacturing. Key offerings include: Advanced Design-to-Production Workflows : Seamless integration of 3D design, simulation, and CAM tools for faster product development. : Seamless integration of 3D design, simulation, and CAM tools for faster product development. Smart Factory Enablement : Real-time machine, system, and operator connectivity to enable predictive and autonomous operations. : Real-time machine, system, and operator connectivity to enable predictive and autonomous operations. Immersive Technologies : XR-driven training, support, and visualisation to boost collaboration and workforce efficiency. : XR-driven training, support, and visualisation to boost collaboration and workforce efficiency. Digital Twin & Simulation Platforms : Real-time monitoring, optimisation, and predictive maintenance of assets. : Real-time monitoring, optimisation, and predictive maintenance of assets. Connected Manufacturing Analytics : AI-powered insights for proactive decision-making and improved throughput. : AI-powered insights for proactive decision-making and improved throughput. Remote Collaboration & Operations Support: Secure, expert-guided issue resolution and operational oversight from anywhere. Unlike conventional providers, the company's strength lies in delivering modular, interoperable, and future-ready solutions that are tailored for the Middle East's manufacturing landscape. The differentiating factor is the ability to converge immersive design, engineering-grade simulations, advanced automation, and real-time operational visibility into a single, scalable framework. The focus is entirely on helping customers integrate the best-fit technologies for their needs. Rizwan Kareem, Business Unit Manager – Industry Support Solutions at Omnix, said, 'We see value being provided by offering solutions that can help bridge our customers physical and digital needs and help them raise their decision making capabilities, increase operational efficiency and strengthen their work-force productivity. It is our way of seeing manufacturers pave their path towards Industry 5.0. Our strength lies in unifying design, automation, AI and XR into a single platform that helps customers achieve their strategic goals'. While several elements of Omnix's Digitisation in Manufacturing offerings which are built on a strong foundation of proven deployments across the region, integrated pilot environments are underway at key customer sites that are incorporating the new capabilities progressively based on specific client needs and project timelines. The solutions will be showcased through targeted engagements, live demos, and industry events across the UAE, KSA, Qatar, Kuwait and Oman. Omnix's long-term strategy centres on building resilient and sustainable manufacturing models that are prepared not only for Industry 4.0 but for the emerging needs of Industry 5.0. The company aims to work alongside regulators, academia and technology partners to foster a regional ecosystem, enabling upskilling through immersive learning and being in a strong position to deliver full lifecycle digital services from consulting and solution architecture to deployment of change management. This initiative also significantly extends Omnix's legacy in digitisation from its deep roots in AEC and government sectors into high-tech manufacturing transformation, making it a cross-industry digital innovation enabler in the Middle East. Image Credit: Omnix
The National
2 hours ago
- The National
Manus on Markets: Big tech gets torched amid warnings over AI hype
From tariff turmoil and stock shocks to market meltdowns, the global financial system has never been in such flux. Manus Cranny, The National's geo-economics editor, cuts through the noise and presents insights from the stories making headlines around the world.
Gulf Business
3 hours ago
- Gulf Business
AI in travel: Untapped potential or risky business?
Image: Getty Images/ For illustrative purposes In an era where artificial intelligence (AI) is rapidly becoming ubiquitous, transforming how we access and verify information online, its role in specific sectors continues to evolve. At the height of the summer travel season, a new survey by global cybersecurity firm Kaspersky sheds light on how often people are leveraging AI for travel planning, and the extent to which tourists are prepared to entrust their trip details to intelligent algorithms. The findings present an interesting paradox: AI is widely used, highly satisfying for travel planning, yet still not a primary tool for most vacationers. AI's widespread adoption, yet limited travel role The results confirm AI's pervasive presence among active internet users, with a striking 88 per cent of respondents in the UAE reporting at least one instance of AI usage . However, AI's application varies significantly across different activities. The most popular use for AI is research (75 per cent of respondents) , followed by work (59 per cent) and studying (51 per cent) . Entertainment (50 per cent) and experimenting with technology (42 per cent) also rank highly. Interestingly, AI in travel planning lags behind, garnering only 36 per cent of votes , indicating it is not yet among the most common uses of AI, despite its potential. This relatively low adoption rate for travel planning stands in stark contrast to the overwhelming satisfaction among those who do use it. A remarkable 99 per cent of respondents who applied AI in travel planning were satisfied with their experience , with 96 per cent of UAE respondents expressing satisfaction , and 83 per cent planning to use it again in the future . This suggests a significant untapped potential for AI to streamline travel preparations. Read: AI as a research powerhouse for travellers For travellers who do embrace AI, its most popular function remains its core strength: research . According to the survey, 69 per cent of respondents who used AI for travel planning entrusted it to identify events and activities , including suitable excursions, popular tourist routes, and souvenir shops. Similarly, 69 per cent used AI to select accommodation , while 60 per cent relied on it to create lists of restaurants , and 63 per cent even assigned AI to search for tickets . A key trend observed was that families with children more actively utilised various AI functions in preparing for travel compared to childless audiences. This suggests that AI is effectively helping users, particularly those with more complex planning needs, to save time by automating tedious research tasks. The booking barrier: Trust versus convenience Despite its strong performance in research, AI-powered booking functions were less popular across all groups . The survey indicates that 51 per cent of respondents booked hotels via AI services , 46 per cent booked tickets , and only 54 per cent booked restaurants with AI's assistance. Critically, 57 per cent of participants stated they resorted to AI for solving visa and migration questions . This particular use case raises significant concerns, as highlighted by a recent incident involving an Australian writer who was unable to fly to a conference in Chile due to incorrect visa advice provided by ChatGPT. This serves as a potent reminder that the risks of AI hallucinations can outweigh the time-saving benefits for critical applications where precision and factual accuracy are paramount. Vladislav Tushkanov, group manager at Kaspersky AI Technology Research Center, commented on these trends: 'Some trends in AI usage we observed show that the role of AI in solving everyday issues is changing. The respondents all value their time and prefer the personalised outputs that AI provides.' He noted that 'Already this technology is maturing and rapidly delivering on its promise of better research and generating creative ideas.' Tushkanov concluded, 'By choosing the most suitable options it becomes an important decision aid, which of course provokes reflection about the credibility of data it provides. AI-powered services are becoming increasingly in-demand tools for solving a variety of tasks, including travel planning, however, we should still remember that the decision is ours to make.' Ensuring safe travels in the AI age: Kaspersky's recommendations To mitigate the risks associated with AI-driven travel planning and ensure the safety of digital activities abroad, Kaspersky offers several key recommendations: Verify information: Always double-check any information provided by AI. Avoid making purchases or booking on websites until their authenticity has been independently verified. Mobile internet abroad: When planning international travel, consider mobile internet options like an eSIM to maintain reliable connectivity with family and friends. Wi-Fi network vigilance: Always double-check Wi-Fi networks before connecting. Use a VPN (Virtual Private Network) for secure browsing and avoid automatically joining unfamiliar hotspots. Device protection: Safeguard devices by never leaving them unattended in crowded places. Implement strong passwords and install a reliable security solution to protect against various cyber threats. AI's significant potential in enhancing the travel planning The Kaspersky survey underscores AI's growing influence in daily life and its significant potential in enhancing the travel planning experience through personalized research and time-saving functionalities. While satisfaction among AI-assisted travellers is remarkably high, a cautious approach is warranted, especially for critical tasks like visa applications or bookings, where the risk of 'hallucinations' could lead to tangible negative consequences. As AI continues to evolve, understanding its strengths and limitations, coupled with diligent verification practices, will be essential for travelers looking to leverage its power safely and effectively. The study was conducted by Kaspersky's market research center in partnership with the Toluna research provider in the summer of 2025. Three thousand respondents from 15 countries (Argentina, Chile, China, Germany, India, Indonesia, Italy, Malaysia, Mexico, Saudi Arabia, South Africa, Spain, Turkey, UK, UAE) took part in the survey.
