It's easy to rest on our laurels. Prevent a few breaches - or go long enough without one - and you start to feel invincible. While our efforts are certainly laudable, we can't get too comfortable.
As defenders, we always need to be on the hunt for what we've missed and ways to do better. Here are ten common cybersecurity mistakes that crop up (and how to avoid them):
1: Failing to get executive support. It's tempting to charge ahead in what you believe is the right direction before getting C-suite approval (ask for forgiveness, not permission, right?). However, that can backfire with unintended consequences down the road.
Cyber threats are growing more sophisticated, covert, and frequent every day. This year alone has seen the likes of T-Mobile and PharMerica suffering serious security breaches. These incidents disrupted operations and threatened their bottom lines, not to mention the lingering aftereffects and negative brand perception in the eyes of their customers.
Taking the recent Optus data security breach as an example, one source indicated that up to 30% of Optus customers would switch providers due to that incident. Even if an individual's data has not been compromised, the risk outweighs the rewards of loyalty.
Businesses have a responsibility to implement proactive measures to protect their data and systems, as doing so is integral to preserving the organization's finances and reputation in the long-term. One of the most effective ways to strengthen your data protection posture is to conduct regular infrastructure, network, and system cybersecurity audits.
How do you train others to avoid being victims of online crime? It's all about human behavior.
If you're an IT pro or a serious PC hobbyist, computers are as logical as Mr. Spock. If you're a human being without a technical background, the average Windows error message might as well be written in Klingon.
For that latter audience, computer security often devolves into magical thinking. That's unfortunate because the reality is that most of the things you can do to protect yourself online are about simple psychology and basic human behavior.
Passwords have gotten a lot of attention lately. Why? Because they are a weak point on two fronts: attackers target them and users mishandle them. According to the Verizon 2023 DBIR, 86% of breaches involve stolen, weak, or default passwords. Of those breaches, 74% involve the human element, which includes social engineering attacks, errors, or misuse.
Passwords were never the ideal security solution for the modern, interconnected world. Much of what we do today is online - work, school, citizen services, shopping, and more. And what's the first thing users are hit with every time? The dreaded username and password prompt before the journey can continue.
Furthering the problem is the fact that the average internet user has 240 online accounts that require a password. Are we really expected to remember a unique password for each one? Attackers know all too well that the answer is no, and that reuse makes passwords a ripe opportunity for them and a significant risk for everyone else.
CISO Global (NASDAQ: CISO), an industry leader as a managed cybersecurity and compliance provider, is expanding its capabilities by deepening its threat intelligence feed and incorporating it into existing services.
Named 'Threat Informed', this new data stream mines the DarkNet, an overlay of secret networks comprised of communication channels that can only be accessed with specific software and processes used mostly by malicious hackers, to identify cybersecurity threat intelligence that is otherwise difficult to find and/or discern.
Leveraging proprietary DarkNet technology and other intellectual property, CISO Global executes its own real-time, continuous DarkNet searches, validating the security of its clients to ensure they have not been compromised. Threat actors routinely trade in compromised username and password combinations to execute malicious attacks. Whereas many threat feeds retain outdated information, CISO uses a proprietary methodology to verify that its threat feed is current and to ensure relevance and accuracy.
Cybersecurity is often out of sync with business goals, according to a study conducted by Forrester Consulting, which found 97% of organizations face challenges in trying to align cybersecurity priorities with business outcomes.
More than nine in 10 respondents (93%) said their organizations struggle with measuring their cybersecurity performance in relation to business outcomes.
The challenge of aligning cybersecurity and business goals was most pronounced in financial services and insurance (47%) and media, entertainment and leisure (also 47%), followed by the retail and wholesale (43%) and utilities and telecommunications (38%) verticals.
Piyush Pandey, CEO at Pathlock, explained that cybersecurity is often aligned with preventative measures and is considered successful when nothing happens to the company.
In today's digital age, where organisations heavily rely on technology and data, ensuring strong Cyber Security practices is paramount, and one often overlooked aspect is the departure of staff members.
The departure of an employee can introduce vulnerabilities and risks if not handled properly. Establishing a well-defined process for staff departures is crucial not only for maintaining operational continuity but also for safeguarding sensitive information from potential cyber threats. Chris White, member of International Cyber Expo's Advisory Council, and Head of Cyber and Innovation, The South East Cyber Resilience Centre (SECRC) offers his thoughts on the subject:
Stolen cloud credentials cost about the same as a dozen donuts, according to IBM X-Force, whose threat intel team says logins make up almost 90 percent of goods and services for sale on dark web marketplaces.
However, in many instances criminals don't even need to shell out the 10 bucks. X-Force also discovered plaintext credentials on user endpoints in a third (33 percent) of all the cloud-related incidents it responded to.
"And that's a terribly high number relative to what the industry should know at this point about safekeeping of secrets and passwords in particular," said Chris Caridi, a cyber threat analyst at IBM X-Force, who authored the 2023 Cloud Threat Landscape Report.
In light of these statistics, perhaps it shouldn't be too surprising that valid credentials are the most common initial access vector in cloud security breaches, occurring in 36 percent of all cases that the X-Force IR team responded to over a 13-month period.
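As an added example, not part of the IBM report or of the original page, the following Python scanner looks for the kinds of plaintext credentials X-Force describes finding on endpoints: AWS keys, Google API keys, PEM private keys and password assignments in config or .env files. The pattern set, the placeholder exclusion (so that references such as `${SMTP_PASSWORD}` are not reported) and the sample file are my assumptions; the AWS values in the sample are the public example credentials from the AWS documentation, not real keys.

```python
import os
import re
from dataclasses import dataclass
from typing import List


@dataclass
class Finding:
    path: str
    line_no: int
    kind: str
    preview: str  # redacted: first four characters only


# Credential formats commonly found in plaintext on developer endpoints.
# The AKIA/ASIA and AIza prefixes are documented format conventions; the
# other patterns are heuristics (assumed here) and their hits need review.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b"),
    "aws_secret_access_key": re.compile(
        r"(?i)aws_secret_access_key\s*[=:]\s*['\"]?([A-Za-z0-9/+=]{40})"),
    "google_api_key": re.compile(r"\bAIza[0-9A-Za-z_\-]{35}\b"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
    "password_assignment": re.compile(
        r"(?i)(?:password|passwd|pwd)\s*[=:]\s*['\"]?([^\s'\"]{8,})"),
}

# Values that reference a secret store or template variable, not a secret.
PLACEHOLDER_PREFIXES = ("$", "{{", "<", "%")


def redact(value: str) -> str:
    """Keep only the first four characters so reports don't leak the secret."""
    return value[:4] + "*" * max(len(value) - 4, 0)


def scan_text(text: str, path: str = "<text>") -> List[Finding]:
    """Return one Finding per (line, pattern) hit, with the value redacted."""
    findings: List[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            m = pattern.search(line)
            if not m:
                continue
            # Use the capture group when the pattern has one (the secret
            # value); otherwise the whole match (the key ID or PEM header).
            value = m.group(1) if pattern.groups else m.group(0)
            if value.startswith(PLACEHOLDER_PREFIXES):
                continue
            findings.append(Finding(path, line_no, kind, redact(value)))
    return findings


def scan_tree(root: str, max_bytes: int = 1_000_000) -> List[Finding]:
    """Walk a directory and scan every small, text-like file in it."""
    findings: List[Finding] = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            try:
                if os.path.getsize(full) > max_bytes:
                    continue
                with open(full, "rb") as fh:
                    raw = fh.read()
            except OSError:
                continue
            if b"\x00" in raw:  # crude binary-file check
                continue
            findings.extend(scan_text(raw.decode("utf-8", "replace"), full))
    return findings


# Constructed sample in the style of ~/.aws/credentials plus a .env file.
# The AWS values are the public example credentials from the AWS docs.
SAMPLE = """\
[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
DB_PASSWORD=correct-horse-battery
SMTP_PASSWORD=${SMTP_PASSWORD}
-----BEGIN RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    for f in scan_text(SAMPLE, "constructed.env"):
        print(f"{f.path}:{f.line_no} {f.kind} {f.preview}")
```

Run `scan_tree(os.path.expanduser("~"))` on a workstation image to see how much of this sits in home directories; the password heuristic is deliberately loose and will flag some non-secrets, which is the trade-off you want in a triage tool.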
Among the trends highlighted are the use of malvertising and search engine optimization (SEO) techniques to craft compelling and effective phishing and social engineering campaigns, the use of emerging advanced language model (ALM) technologies, and the increased targeting of authentication processes.
While the global fraud rate trended below normal expected levels during the report's time period (January - June 2023), Visa shared that it helped to proactively block $30 billion in fraud during that period. However, threat actors were still successful in conducting targeted and sophisticated fraud schemes against specific institutions, technologies, and processes.
Ransomware attacks continue to evolve
March 2023 surpassed prior ransomware attack records for the most attacks in one month with nearly 460 attacks, a 91% increase over February 2023 and 62% higher than the same period in 2022. A 2023 ransomware report identified exploited vulnerabilities as the most common (36%) root cause of ransomware attacks, followed by compromised credentials (29%).
SANS has released the results of its annual DevSecOps survey, which reveals important shifts in how organizations are approaching application security testing.
While the "shift left" mentality may be less pervasive, the survey found that shifting all the way left to upfront software risk assessments are now seen as the most useful technique for building secure applications. The report also highlights a greater reliance on third parties for compliance reviews and security testing, increased adoption of software composition analysis (SCA) - and a recognition that communication and culture are key to DevSecOps success.
India's telecom regulators aren't allocating spectrum directly to enterprises for building private 5G networks, but enterprises can lease it from private operators. Once the process starts off, CTOs may have to be ready to face some challenges when they shift over from legacy systems to private 5G networks.
This new high-speed data environment brings its own set of security challenges, given that the 5G architecture differs from 4G and older mobile technologies. The biggest shift is that the new tech is cloud-native in design, with software built from microservices and container technologies.
In this blog, we present the CISO's Checklist for Maximizing Cybersecurity ROI, providing essential criteria to navigate this complex terrain effectively. Explore how aligning security strategies with business objectives, adopting continuous threat exposure management, and harnessing the power of automation can fortify cybersecurity in an ever-evolving threat landscape.
The sheer number of vendors, and solutions available in today's cybersecurity market can leave even the most seasoned CISOs and security leaders grappling with the decision about where to invest their resources. But in an era where cyber threats are becoming increasingly sophisticated and prevalent, and the market conditions are causing budgets to tighten, making the right choices to maximize their cybersecurity return on investment (ROI) is not just advisable; it's imperative.
In today's volatile and interconnected world, safeguarding a company's assets is not just about fending off external cyber-attacks and physical breaches. An often overlooked risk comes from within: the insiders.
According to industry reports and research, insider threats represent a significant proportion of all security incidents. Understanding these threats is the first step in mitigating risks and fortifying your organisation. At Signpost Six, we are committed to helping organisations stay one step ahead of these threats. Here, we present the top 7 insider threats every company should be aware of.
Cybercrime cost Americans $10.3 billion in 2022, according to the FBI's IC3 report. The average cost of a breach globally was $4.45 million in 2023, per IBM's Cost of a Data Breach report. And the total cost may be as much as $8 trillion around the world this year.
Cybersecurity is clearly getting something wrong.
Cybercriminals, of course, are constantly adapting, so we can't lay all the blame at the feet of the industry that is supposed to defend us from them. At the same time, though, many organizations are falling behind -- floundering as they try to address the latest threats or simply ignoring them and hoping for the best.
Even proactive CISOs are limited by budgetary constraints and operational inefficiencies. Bristling arsenals of security solutions are deployed in a haphazard perimeter, leaving plenty of gaps for motivated hackers to exploit. And staffing shortages don't help. ISC2's 2022 workforce study indicates a need for 3.4 million more cybersecurity professionals.