True cybersecurity means centering policies on employee behavior, report says

3 years ago 406

Protecting systems from atrocious actors is essential, but each the firewalls successful the satellite are useless against the modern hacker who targets quality weaknesses alternatively of integer ones.

securityhacker-istock.jpg

Image: iStock/iBrave

A survey from cybersecurity institution Proofpoint recovered that 2020 was a large twelvemonth for cybercriminals, who shifted their strategies to amended people susceptible distant workers. Those trends, Proofpoint concludes, are present to stay, which means the quality origin successful cybersecurity is much important to absorption connected than ever before.

SEE: Security incidental effect policy (TechRepublic Premium)

Proofpoint analyzed billions of emails and combed done records from 2020 to find immoderate startling statistic astir the authorities of cyberattacks that people workers. Credential phishing accounted for two-thirds of malicious emails, and attacks that tricked users into opening attachments were the astir successful, enticing 1 successful 5 radical into opening them. Business email compromise attacks person go much complicated, CAPTCHA screens are present being utilized to assistance successful the realism of malicious web pages, and steganography (hiding malicious codification successful a record similar an representation oregon audio) had the highest complaint of success, with 1 successful 3 falling victim. 

"Attackers don't hack in, they log in, and radical proceed to beryllium the astir captious origin successful today's cyber attacks. The menace ecosystem has evolved implicit the past year, and this report explores however a people-centric attack to cybersecurity tin trim today's risks," said Proofpoint's EVP of cybersecurity strategy, Ryan Kalember.

The 31-page study is divided into 3 areas: Vulnerabilities, which looks astatine however attackers are fooling users; attacks, which looks astatine however cybercriminals exploit vulnerabilities and the types, techniques, and tools they use; and privilege, which examines insider threats and however high-privileged users tin go a risk, adjacent unknowingly. 

Looking implicit the study is simply a bully mode to larn what benignant of risks an enactment tin expect, but Proofpoint besides spells retired however organizations and their IT leaders tin instrumentality a people-centric cybersecurity policy, which it again divides into 3 sections.

First, it's indispensable to mitigate vulnerabilities, by which is meant eliminating imaginable anemic points among employees. This tin beryllium done by:

  • Training users to spot malicious messages by mimicking real-world attacks
  • Isolate perchance malicious websites and URLs done firewall rules, browser filters and email rules. 
  • Threats proceed to evolve, truthful cognize that a idiosyncratic volition marque a mistake eventually, which leads to the 2nd section.

Attacks are inevitable, Proofpoint said, truthful dainty them arsenic ever-present threats and hole accordingly: 

  • Build a robust email fraud defence strategy that tin quarantine and artifact messages. Analyze some ingoing and outgoing email postulation to find abnormalities.
  • Ransomware requires an archetypal infection; combat to forestall those infections of trojans, loaders and different malware.
  • Protect unreality accounts from takeover by utilizing tools similar two-factor authentication, biometric logins and different methods that supplement accepted password-based security.

SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)

Privilege is the past country Proofpoint covers. It explains privilege arsenic a hazard that arises from privileged accounts that are either utilized arsenic an archetypal onslaught vector oregon are compromised aft an attacker has already breached in. Either way, Proofpoint recommends the following:

  • Deploy an insider menace absorption strategy that tin find if an relationship is compromised and fastener it down.
  • Respond rapidly to privilege abuses, some intentional and accidental.
  • Enforce information policies and refresh them done regular training, real-time reminders, and relationship restrictions erstwhile needed.

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also spot

Read Entire Article