Story image

Why it’s time for organisations to rethink their cybersecurity strategy

08 May 2019

Article by Proofpoint Asia-Pacific and Japan vice president Tim Bentley

The recently announced 2019 Australian Federal Budget places a sizable emphasis on bolstering the country’s cybersecurity capabilities, a necessary priority given the ongoing global concerns around targeted state-sponsored attacks.

However, these forms of sophisticated attacks don’t just target government entities.

Every day, organisations of all sizes and industries must defend against targeted, high profile threats that aim to steal money, gather valuable information, or launch phishing or malware attacks.

The public and private sector alike are battling an everchanging landscape and must be attuned to the direction in which attackers are moving.

There has been a fundamental shift in the threat landscape, which demands an entirely new way of thinking from IT security teams.

Most security professionals are trained to approach security with the IP address at the centre of their world, but technology vulnerabilities have become rarer, and require more advanced cyber warfare skills to exploit.

To compensate for this, cybercriminals have shifted their focus.

Small or large, nearly every attack against the public and private sector begins in the same way – relentlessly targeting a person through email, social networks or SaaS applications.

These attacks are socially engineered and often use identity deception tactics (such as spoofing and fake email chains) to pose as trusted colleagues or business partners over email and manipulate potential victims into wiring funds, opening a link or attachment, or disclosing information.

Notably, the traditional VIPs within an organisation are often not the same VIPs a cybercriminal would target.

Instead, targeted individuals can range from a CEO’s executive assistant, an intern who handles assigning key card access for a government building, to even a financial team member who wires financial payments to vendors.

These very attacked people (or VAPs) are not necessarily people who are known or actively tracked by the security team which is why an attacker can often be successful without the alarm bell ringing.

This shift in the landscape shows no sign of slowing down.

Proofpoint researchers observed that the number of email fraud attacks against targeted companies increased 226% between Q3 2018 and Q4 2018, and 476% when comparing Q4 2017 and Q4 2018.

Given this, implementing a security strategy that prioritises the protection of people is a key step in proactively preventing a catastrophic loss of data, funds and ultimately brand reputation.

Organisations can establish a people-centric security strategy by taking the following steps:

  • Assume users will click – Social engineering is increasingly the most popular way to launch email attacks and criminals continue to find new ways to exploit the human factor. Leverage a solution that identifies and quarantines both inbound email threats targeting employees and outbound threats targeting customers before they reach the inbox. 
     
  • Build a robust email fraud defence – Highly-targeted, low-volume business email compromise scams often have no payload at all and are thus difficult to detect. Invest in a solution that has dynamic classification capabilities that you can use to build quarantine and blocking policies. 
     
  • Train users to spot and report malicious email - Regular training and simulated attacks can stop many attacks and help identify people who are especially vulnerable. The best simulations mimic real-world attack techniques. Look for solutions that tie into current trends and the latest threat intelligence.
     
  • Protect your brand reputation and customers – Fight attacks targeting your customers over social media, email, and mobile—especially fraudulent accounts that piggyback on your brand. Look for a comprehensive social media security solution that scans all social networks and reports fraudulent activity. 
     
  • Partner with a threat intelligence vendor – Smaller, more targeted attacks call for sophisticated threat intelligence. Leverage a solution that combines static and dynamic techniques to detect new attack tools, tactics, and targets—and then learn from them. 
Bitglass appoints new cloud, business development leaders
The cloud security company has appointed vice presidents for worldwide channels and worldwide business development.
Ping Identity offerings accelerates cloud MFA and SSO adoption
90% of respondents trust MFA as an effective security control to protect identity data in public clouds, yet only 60% of organisations have formally adopted it.
Trend Micro introduces cloud and container workload security offering
Container security capabilities added to Trend Micro Deep Security have elevated protection across the DevOps lifecycle and runtime stack.
Veeam joins the ranks of $1bil-revenue software companies
It’s also marked a milestone of 350,000 customers and outlined how it will begin the next stage of its growth.
Veeam enables secondary storage solutions with technology partner program
Veeam has worked with its strategic technology alliance partners to provide flexible deployment options for customers that have continually led to tighter levels of integration.
Veeam Availability Orchestrator update aims to democratise DR
The ability to automatically test, document and reliably recover entire sites, as well as individual workloads from backups in a completely orchestrated way lowers the total cost of ownership (TCO) of DR.
EXCLUSIVE: Forcepoint global channel chief talks strategy
As a solution sold 100% via the channel, cybersecurity solutions company Forcepoint places a strong emphasis on its partner relationships.
Salesforce continues to stumble after critical outage
“To all of our Salesforce customers, please be aware that we are experiencing a major issue with our service and apologise for the impact it is having on you."