cybersecurity Archives - Page 2 of 6 - Cyber Secure Forum | Forum Events Ltd
Posts Tagged :

cybersecurity

Nine cyber security trends to watch out for in 2023

 960 640 Guest Post
By:
0
0

By Miri Marciano, Associate Director, Cybersecurity Expert at Boston Consulting Group

Here’s what organisations should be on the look out for in an increasingly volatile environment, where attackers are constantly finding new ways to access sensitive information and take control of vital systems. The wider issue will be to make sure the recovery system an organisation is fool-proof – ensuring they can bounce back from an attack in an instant.

As we develop new technologies such as the metaverse, organisations must be on the look out for new tools that attackers will be using. It is critical they consider the following trends that we will see in 2023…

  1. Cyber will continue to be a big business

Cyber will always be a huge business and as we’ve seen this year, as long as new technologies are being developed, there will always be more hackers. Effective cyber protection is now regarded as a significant competitive advantage and security has become a major focus at board level of public and private organizations as an area of ongoing strategic investment – this is a key learning for next year.

2. There will be an increase in attack surface expansion

The extensive use of cloud applications by remote staff, customers, suppliers, and third parties has multiplied the attack vectors and vulnerabilities across complex, interconnected tech supply chains. There has also been exponential growth in connected low security IoT devices, adding to the rapidly growing attack surface. We also continue to feel the impact of geopolitics on the cybersecurity threat landscape.

3. Geopolitics will impact the cybersecurity threat landscape

Governments are starting to attack countries or critical infrastructure and this will grow more in 2023. The attacks won’t be to gain anything of monetary value but will be more so an act of terrorism. Or an aditional weapon when having a kinetic confrontation of parties.

4. Ransomware will continue to rank highest in terms of types of threats

In terms of types of attacks, ransomware has grown as a threat this year in the shape of double extortion, including data exfiltration, ransomware as a service and massive DDOS attacks. With these increasing threats, there must be an increase in talent and businesses are having to outsource to MSSPs as the job market is highly competitive in the cybersecurity sector.

5. An increase in supply chain attacks

Threat groups will increase their interest and capability in supply chain attacks and attacks against Managed Security Services Providers (MSSPs).

6. AI and machine learning will be made use of

Attackers will increase their use of AI and machine learning, as well as other technologies, to launch increasingly sophisticated attacks. Social engineering-based attacks will be strengthened by AI and ML. It is simpler and faster to gather data on businesses and employees using these capabilities.

It is an effective tool for cybercriminals because of its ability to anticipate what’s happening now and what might happen in the future.

On the other hand, AI can strengthen cybersecurity – powered systems such as SIEM capabilities allow security teams to detect threats faster and respond to incidents quicker. Higher capabilities create correlations, automation and more.

7. There will be a talent shortage

There will continue to be a highly competitive labour market for cyber talent. Organisations are increasingly investing in automation and orchestration to address cybersecurity tasks.

They will outsource to specialised services providers (MSSPs) rather than on-premise deployment.

8. The govenment will need to act

Nations will need to ensure protection and safeguarding of critical national infrastructure and services. Governments need to look at adapting regulations, data protection policies and compliance requirements and invest in building a culture of security awareness across organisations.

9. The main focus will be on recovery

Organisations will shift towards additional investing in recovery and restoration to prepare for managing a crisis – they will need to understand that a crisis is just a matter of time.

Business confidence in cyber attack recovery ‘at an all time low’

 960 640 Stuart O'Brien
By:
0
0

IT and security leaders must address, on average, one cyberattack per week, while a third of organisations are forced to change leadership as a result of an incident.

That’s according to “The State of Data Security” report by Rubrik Zero Labs, which gathered insights from more than 1,600 security and IT leaders including CISOs, CIOs, VPs and Directors across 10 countries. The findings exposed rising security risks for organizations, resulting in widespread damage to organizations and their IT and security teams.

Key findings include:

Cyberattacks Continue to Surge in Volume and Impact:

  • Nearly every leader surveyed experienced a cyberattack over the past year, and on average faced 47 attacks in that timeframe — or nearly one cyberattack per week.
  • 52% reported a data breach and 51% reported facing a ransomware attack in the past year.
  • Only 5% of organizations were able to return to business continuity or normal operations within one hour of discovering a cyberattack.
  • 48% of IT and security leaders reported to be concerned about data breaches (25%) or ransomware events (23%) as the top threat for the year ahead.

Organizations Are Losing Confidence in Their Ability to Withstand Attacks:

  • 92% of respondents are concerned they will be unable to maintain business continuity if they experience a cyberattack.
  • One third believe their board has little to no confidence in their organization’s ability to recover critical data and business applications after a cyberattack.
  • 76% of survey respondents reported their organization is likely to consider paying a ransom following a cyberattack.
  • 11% of IT and security leaders said they had not adequately addressed vulnerabilities from previous cyber events.

The Weight of Cybercrime Is Taking a Toll:

  • 96% of respondents reported experiencing significant emotional or psychological consequences following a cyberattack, ranging from worries over job security (43%) to loss of trust among colleagues (37%).
  • About one third of respondents reported leadership changes as a result of a cyberattack.
  • About one third of leaders surveyed said their IT and SecOps teams were either somewhat or not at all aligned when it came to defending their organizations.

“It’s clear from this research that cyberattacks continue to produce large impacts against global organizations and the effects are compounding,” said Steven Stone, Head of Rubrik Zero Labs. “In addition to this rise in frequency and impacts of cyber events, the individuals on the front lines are taking a psychological hit on their wellbeing. Trust is down and anxiety is up. Without a proactive and reliable approach to defend against modern cyberthreats and strengthen confidence in an organization’s ability to resolve these cyber events, these impacts – both human and organizational – will continue to worsen and feed each other.  The good news is we’re also seeing pragmatic, proven strategies in this same space paying off and we can build off these approaches.”

“We often overlook the psychological dimension of cyberattacks and the chaos that tends to follow after discovering an incident,” said Chris Krebs, Former Director of CISA and Founding Partner of the Krebs Stamos Group. “The bad guys sure have figured it out, though, with criminals and state actors alike trying to generate emotional responses when they attack, as evidenced by the increase in criminal extortion efforts and hack and leak campaigns. In the end, IT and security leaders alike tend to take the blame for these cyberattacks. One of the most effective techniques I’ve seen to prepare for these types of attacks is to accept you’re going to have a bad day at some point, and your job is to ensure that it doesn’t become a “worse day.” This is why we need defenders across the spectrum to come together – sharing best practices, learnings after attacks, simulations, frameworks – so that we’re collectively strengthening our defenses and minimizing the psychological impact brought on by an attack.”

“The State of Data Security” comes from Rubrik Zero Labs, the company’s ​​new cybersecurity research unit formed to analyze the global threat landscape, report on emerging data security issues, and give organizations research-backed insights and best practices to secure their data against increasing cyber events.

80% of software supply chains exposed to attack

 960 640 Stuart O'Brien
By:
0
0

Four in five (80%) IT decision makers stated that their organisation had received notification of attack or vulnerability in its supply chain of software in the last 12 months, with the operating system and web browser creating the biggest impact.

That’s according to new research from BlackBerry, which shows that following a software supply chain attack, respondents reported significant operational disruption (59%), data loss (58%) and reputational impact (52%), with nine out of ten organisations (90%) taking up to a month to recover.

The results come at a time of increased U.S. regulatory and legislative interest in addressing software supply chain security vulnerabilities.

The survey of 1,500 IT decision makers and cybersecurity leaders across North America, the United Kingdom and Australia revealed the significant challenge of securing software supply chains against cyberattack, even with rigorous use of recommended measures such as data encryption, Identity Access Management (IAM) and Secure Privileged Access Management (PAM) frameworks.

Despite enforcing these measures across partners, more than three-quarters (77%) of respondents had, in the last 12 months, discovered unknown participants within their software supply chain that they were not previously aware of and that they had not been monitoring for adherence to critical security standards.

“While most have confidence that their software supply chain partners have policies in place of at least comparable strength to their own, it is the lack of granular detail that exposes vulnerabilities for cybercriminals to exploit,” said Christine Gadsby, VP, Product Security at BlackBerry. “Unknown components and a lack of visibility on the software supply chain introduce blind spots containing potential vulnerabilities that can wreak havoc across not just one enterprise, but several, through loss of data and intellectual property and operational downtime, along with financial and reputational impact. How companies monitor and manage cybersecurity in their software supply chain has to rely on more than just trust.”

Results also revealed that while, on average, organisations were found to perform a quarterly inventory of their own software environment, they were prevented from more frequent monitoring by factors including a lack of skills (54%) and visibility (44%). In fact, 71% said they would welcome tools to improve inventory of software libraries within their supply chain and provide greater visibility to software impacted by a vulnerability. Similarly, 72% were in favour of greater governmental oversight of open-source software to make it more secure against cyber threats.

In the event of a breach, 62% of respondents agree that speed of communications is paramount and 63% would prefer a consolidated event management system for contacting internal security stakeholders and external partners. Yet only 19% have this kind of communications system in place. Multiple systems are in place with the remaining 81%, despite only 28% of respondents saying that they need to tailor communications to different stakeholder groups.

62% of consumers still choosing to use repeat passwords

 960 640 Stuart O'Brien
By:
0
0

Regardless of generational differences across Boomers, Millennials and Gen Z, new research shows a false sense of password security given current behaviours across the board.

In addition, the LastPass fifth annual Psychology of Password findings found that while 65% of all respondents have some form of cybersecurity education – through school, work, social media, books or courses – the reality is that 62% almost always or mostly use the same or variation of a password. 

The goal of the LastPass Psychology of Passwords research is to showcase how password management education and use can secure users’ online lives, transforming unpredictable behaviour into real and secure password competence. The survey, which explored the password security behaviours of 3,750 professionals across seven countries, asked about respondents’ mindset and behaviours surrounding their online security.

The findings highlighted a clear disconnect between high confidence when it comes to their password management and their unsafe actions. While the majority of professionals surveyed claimed to be confident in their current password management, this doesn’t translate to safer online behaviour and can create a detrimental false sense of safety. 

Key findings from the research include: 

  • Gen Z is confident when it comes to their password management, while also being the biggest offenders of poor password hygiene. As the generation who has lived most of their lives online, Gen Z (1997 – 2012) believes their password methods to be “very safe”. They are the most likely to create stronger passwords for social media and entertainment accounts, compared to other generations. However, Gen Z is also more likely to recognise that using the same or similar password for multiple logins is a risk, but they use a variation of a single password 69% of the time, alongside Millennials (1981 –1996) who do this 66% of the time. On the other hand, Gen Z is the generation most likely to use memorisation to keep track of their passwords ( 51%), with Boomers (1946 – 1964) the least likely to memorise their passwords at 38%. 
  • Cybersecurity education doesn’t necessarily translate to action. With 65% of those surveyed claiming to have some type of cybersecurity education, the majority (79%) found their education to be effective, whether formal or informal. But of those who received cybersecurity education, only 31% stopped reusing passwords. And only 25% started using a password manager. 
  • Confidence creates a false sense of password security. While 89% of respondents acknowledged that using the same password or variation is a risk, only 12% use different passwords for different accounts, and 62% always or mostly use the same password or a variation. To add to that, compared to last year, people are now increasingly using variations of the same password, with 41% in 2022 vs. 36% in 2021. 

“Our latest research showcases that even in the face of a pandemic, where we spent more time online amid rising cyberattacks, there continues to be a disconnect for people when it comes to protecting their digital lives,” said Christofer Hoff, Chief Secure Technology Officer for LastPass. “The reality is that even though nearly two-thirds of respondents have some form of cybersecurity education, it is not being put into practice for varying reasons. For both consumers and businesses, a password manager is a simple step to keep your accounts safe and secure.” 

For more information and to download the full Psychology of Passwords research findings, please click here. 

Top 5 crypto cyberthreat statistics of the last year

 960 640 Stuart O'Brien
By:
0
0
Firstly, cryptocurrency companies are fairly new to the market but deal with a lot of sensitive information, including the client’s funds. Secondly, crypto payments are irreversible and uncontrolled by central authorities, so it is easier for criminals to run away with stolen funds.
Lastly, many newcomers are not very knowledgeable about how cryptocurrencies work, making it easier for criminals to scam them. These are just some reasons why crypto-related cyber crimes are still going strong. In this article, the Atlas VPN team has compiled a list of the top five most notable cryptocurrency threat statistics and findings of the last year…
#1 Crypto hackers stole almost $2 billion in H1 2022 (Source)
 
Even with the crypto market on the decline, cryptocurrency project hacks are not going anywhere. In the first half of 2022, cybercriminals cashed in $1.97 billion from 175 crypto project hacks.
Over $1 billion were looted from the Ethereum ecosystem projects alone. The Solana ecosystem also suffered greatly, with hackers stealing $383.9 million from Solana-related projects.
 
#2 Crypto miners were the most-common malware family in 2021 (Source)
There are many types of malware, and each is used for different attacking objectives. All malware is classified as malicious software and can crack passwords, spread through networks, or disrupt the daily operations of organizations. In 2021, the most widespread malware family was cryptominers, with about 150K such threat detections.
Cryptominers have become extremely popular among cybercriminals over the past year. By using CPU and GPU resources of victims’ devices, threat actors mine various crypto for profit. Sometimes such malware can stay on the device unnoticed for months.
#3 Over $12 billion in crypto stolen in the past decade (Source)
The crypto industry’s technology has improved dramatically since the launch of Bitcoin in 2009. Despite this, many cryptocurrency providers have failed to develop effective security mechanisms that would prevent hackers from exploiting vulnerabilities for personal benefit at the expense of their victims.
Research revealed that more than $12 billion of crypto assets were stolen in the past 11 years. In addition, 40% of the funds were stolen from fraudulent exchanges, while Decentralized Finance (DeFi)-related hacks continue to surge.

#4 Blockchain.com, Luno, and Cardano are the top-most phished crypto projects (Source)

One of the phishers’ favorite tactics is impersonating well-known brands, and cryptocurrency brands are no exception.

Out of all cryptocurrency service brands, the website of Blockchain.com was the most commonly spoofed. The brand had 662 phishing websites in the last 90 days (till June 22, 2022). Blockchain.com is followed by the crypto investing app Luno, with 277 phishing pages, and proof-of-stake blockchain platform Cardano with 191.

#5 DeFi-related hacks accounted for 76% of all major hacks in 2021 (Source)

Decentralized finance (DeFi) is a system that enables the availability of financial products on a public decentralized blockchain network. Buyers, sellers, lenders, and borrowers can interact peer-to-peer through DeFi instead of going through intermediaries such as banks or brokerages when arranging transactions.

The Atlas VPN team found that DeFi-related hacks made up 76% of all major hacks in 2021. Furthermore, hackers stole $361 million from DeFi projects in the first half of 2021, which surpasses losses from 2020 by 180%.

Why your organisation needs the password police

 960 640 Stuart O'Brien
By:
0
0

By Steven Hope, CEO of Authlogics

We live in a world full of policy, etiquette, regulation, and law, that provides a written and sometimes unwritten framework for codes of conduct that are deemed acceptable or unacceptable in our society.

However, having rules in place does not guarantee compliance. It is for this reason that we have police forces, armies, industry watchdogs, regulators, peer pressure, and more to help ensure the rules are followed, and in the main, as a society, we are very good at obeying orders. Consider how most of us adhered to strict lockdown rules during the pandemic, and despite queues stretching for many miles, people took their place in line and waited to pay their respects to Her Majesty Queen Elizabeth during her lying-in-state.

However, there are instances where we may be more willing to bend the rules, especially if we perceive a victimless crime.  Passwords are a good example. A lot of organisations have a password policy, but many employees do not adhere to the rules, with passwords not being changed as frequently as required, the necessary format not being followed, the same passwords being used for multiple accounts, and the sharing of login credentials.

Yet, for those who diligently do the right thing, there can still be a problem if the policy itself is not fit for purpose. Earlier in the Summer, it was reported that Shopify required a password to be of at least five characters. However, research of breached passwords revealed that 99.7% of the passwords met Shopify’s requirements.

This case is far from surprising, given that many password policies in use today can be as much as 25 years old, despite guidance from bodies such as NIST. The world has moved on and the threat landscape has changed.  Phishing attacks were not around when many of these policies were created, but today they pose one of the single largest cybersecurity risks.

Part of the problem is what has long been a ‘strong’ and ‘secure’ password is no longer the case.  A combination of upper and lowercase and special characters only makes passwords harder to remember and not stronger. No matter how complex a password is, if a bad guy has the password, they have access. With this in mind, the foundation of any password policy must be to ensure that breached passwords are not in use with an organisation. The use of multi-factor authentication (a username, password, and another credential such as a pattern, PIN, or biometric for example) also has an important role to play, however, the first step is to have a password management solution in place that automatically detects breached passwords and ensures that it is immediately changed with a new password that conforms to the latest NIST recommendations.

Think of it as password policing rather than policy, a method for both prevention and enforcement. Passwords are far from the ideal authentication solution and the policies that have long governed them have done little to improve the situation. Organisations are beginning their journeys towards passwordless alternatives, but it will take time for this to be the norm. Until then it is vital that we create an environment in which they can be used with the highest level of assurance.

IT security solutions: 2022/23 buying trends revealed

 960 640 Stuart O'Brien
By:
0
0
Employee Security Awareness, Cyber Strategy and Access Control top the list of services the UK’s leading IT security professionals are sourcing in 2022/23. The findings have been revealed ahead of next month’s Security IT Summit and are based on delegate requirements at the upcoming event. Delegates registering to attend were asked which areas they needed to invest in during 2023 and beyond. The results show a marked difference compared to the same event in May this year, when Authentication, Compliance and Cloud Web Security topped the ranking. Top 10 products & solutions being sourced by Security IT Summit delegates: Employee Security Awareness Cyber Strategy Access Control Authentication Cloud Business Continuity Incident Response Managed Detection & Response Risk Management Vulnerability Management Advanced Threat Dashboard To find out more about the Security IT Summit, click here.  

Only 8% of global tech workers have significant cloud-related skills

 960 640 Stuart O'Brien
By:
0
0

75% of tech leaders say they’re building all new products and features in the cloud moving forward, but only 8% of technologists have significant cloud-related skills and experience. Additionally, 64% say that they are new to cloud learning and are looking to build basic cloud fluency.

That’s according to Pluralsight’s 2022 State of Cloud Report, which compiles survey results from more than 1,000 technologists and leaders in the United States, Europe, Australia, and India on the most current trends and challenges in cloud strategy and learning.

According to McKinsey, cloud adoption is crucial to an organisation’s success, with more than 1 trillion dollars in potential earnings in the cloud up for grabs across Fortune 500 companies by 2030. Yet, cloud skills gaps exist for many technologists today. Pluralsight’s 2022 State of Upskilling Report, released earlier this year, found that 39% of respondents ranked cloud computing as a top personal skills gap.

“As organisations begin making heavier investments into the cloud, they must dedicate resources and time to ensure their technologists are up to the task of cloud transformation,” said Drew Firment, VP of Enterprise Strategies at Pluralsight. “Findings from our State of Cloud Report show that most technologists only have a basic familiarity with cloud technologies. Tech leaders need a cloud strategy that provides confidence and predictability in their ability to build cloud maturity at scale and that starts with ensuring they can upskill their teams on cloud technologies.”

The State of Organisational Cloud Maturity

Pluralsight’s State of Cloud Report gathered data on organisational cloud maturity and cloud strategy. Nearly half (48%) of organisations rate themselves as having high levels of cloud maturity, while only 7% of organisations have made no investments into the cloud. The study also revealed that technology companies are more likely than any other sector to rate themselves as having a high level of cloud maturity.

There are many different ways that organisations can drive towards cloud maturity. In the survey, 45% of organisations say they design cloud strategies for speed and business value. Additionally, 39% of organizations are working to optimise for cloud-native with containers and serverless, and 38% of organizations enable hybrid architectures with distributed cloud.

Security is a top challenge to levelling up cloud maturity, regardless of the organization’s current level of maturity with 45% of organisations saying that security and compliance concerns are the number one cloud maturity challenge.

Key Trends in Cloud Learning

As the data from this report suggests, most technologists are new to their cloud learning journeys. Twenty percent of technologists report having skills gaps in fundamental cloud fluency.

For technologists, the top personal cloud skills gaps are:

  • Cloud security (40%)
  • Networking (37%)
  • Data (31%)

Additionally, there are a variety of barriers that technologists encounter when trying to upskill in the cloud. These barriers include:

  • Budget constraints (43%)
  • Being too busy/lacking time for upskilling (38%)
  • Employers emphasise hiring rather than upskilling (32%)

This data shows that employers’ willingness to dedicate resources for cloud upskilling greatly affects the cloud-readiness of their organization.

Despite these sometimes limited upskilling resources, technologists are still finding ways to engage with cloud learning. Sixty-eight percent of technologists dedicate time at least once per week to technology upskilling. For those upskilling in the cloud, 62% find hands-on or practical exercises, such as cloud labs and sandboxes, to be the most effective way to learn cloud skills. Forty-eight percent of technologists use online tech skills development platforms to learn cloud skills.

Disconnect Between Cloud Technologists and Business Leaders

Findings of this report reveal a disconnect between organisational and individual cloud maturity. Business leaders reported high confidence in their organisations’ cloud strategies while individual contributors report feeling new to cloud technologies.

Despite employee skills gaps, growing cloud skills internally was not one of the top strategies business leaders used for reaching organizational cloud maturity. Only 37% of organisations use internal cloud upskilling as a key strategy for cloud maturity. However, cloud skills gaps rank as the second largest cloud maturity challenge, with 43% of organizations agreeing that cloud skills gaps in their organizations affect cloud maturity. Challenges arise when trying to balance organizational and individual needs for learning, as individuals desire personal enrichment and career advancement from training (46%), while leaders value outcomes that identify vulnerabilities (30%) and cost optimisation (28%).

In order to achieve cloud goals like higher levels of cloud maturity, increased cloud security, and cost optimization, organisations need to be creators of cloud talent. Cloud technology is fairly ubiquitous, with 46% of leaders overseeing one or more technical teams that work directly with cloud technology. Upskilling cloud proficiency should be a top priority, as most technologists are still new to cloud technology and are looking to improve their fluency.

Pluralsight’s State of Cloud report can be found here.

75% of UK businesses see C-suite as key security advocates

 960 640 Stuart O'Brien
By:
0
0

Rackspace Technology research has highlighted the impact the past five years of global cyber threats have had on the relationship between an organisation’s security team and its C-suite.

The second annual cybersecurity research report found that more than half of UK business leaders (56%) now include cybersecurity attacks as one of their three main business concerns, making it the chief priority ahead of even price inflation (48%) and IT talent shortages (45%).

This is reflected in the evolving relationship between security teams and senior leadership. Almost three quarters of respondents (74%) feel that security teams have better board visibility than five years ago and the same proportion (73%) now consider the C-suite to be advocates of cybersecurity.

In general, communication between the two teams is also strong, with two thirds (66%) considering there to be few communication silos and almost seven in 10 (68%) considering the C-suite and security teams to collaborate regularly.

Rob Treacey, Head of EMEA Security at Rackspace Technology, said: “Huge encouragement can be taken from the findings that cybersecurity is now being prioritised at board or C-suite level – though this is also a reflection of the scale and severity of the challenges many organisations currently face from cyber threats.

“Too often in the past we have seen security teams undermined or siloed within organisations when their voices needed to be heard. It is therefore unsurprising to see cybersecurity emerge as a pivotal business issue as senior leaders finally recognise the need to keep hackers out, and the potentially devastating consequences of not doing so.”

This improved advocacy at a senior level is in turn helping to facilitate an increase in funding, with almost seven in 10 organisations (69%) currently upping their investment in cybersecurity. The average annual investment in cybersecurity has now reached $7.58 million in the UK – far outstripping the global average of $6.12 million – with more than a fifth (22%) committing at least $10 million a year.

Assigning this increased funding appropriately is emerging as the latest challenge, especially in a tightening labour market and with a premium on specialist cyber skills. In the UK, a lack of resources (39%) is considered the most common reason why an organisation needs to engage with external security providers, with a lack of expertise (36%) ranking second.

And with business operations now dominated by the cloud, almost two thirds (65%) of organisations are now investing in cloud native security – another more specialised area of a whole cybersecurity programme.

Treacey added: “Making the case for increased investment is no longer a challenge for security teams with the C-suite so bought into the need. The issue is that these senior leaders expect problems to disappear by throwing money at them when this will only be done through smart decisions.

“Many organisations do not have the skills or resources to counter the level of threats they are likely to encounter and are struggling to source them in a tough labour market. While it is encouraging to see leadership taking the issue of security seriously, there remain real challenges when it comes to ensuring organisations keep cyber threats at bay.”

To download the full report, click here.

Investing in a phishing prevention toolkit 

 960 640 Stuart O'Brien
By:
0
0

Phishing remains one of the biggest security threats to all businesses – regardless of size and industry. This was reflected in the Cyber Security Breaches Survey 2021, as phishing was identified as the most common type of security attack (82%) last year. 

The accelerated shift to hybrid work environments, triggered by the COVID-19 pandemic, has played a fundamental role in increased phishing activity. Shifting to remote working opened the door even wider to phishing, malware and other cyber threats – with attackers targeting users away from the office. 

Phishing is a threat that cannot be avoided, but it can be controlled. In June 2022, VIPRE produced a whitepaper which highlights that there are solutions that businesses can put in place to help stop valuable data from reaching the wrong hands.

Lee Schor, Chief Revenue Officer of VIPRE outlines the crucial technology tools and training needed to reduce the threat of phishing attacks and ultimately, for organisations to create a phishing prevention toolkit…

The Evolution of the Phishing Landscape

Phishing is the practice of sending a deceptive message to trick the user into revealing sensitive information, or to deploy malicious software, such as ransomware, onto an organisation’s IT network. Once sensitive information has been captured, the consequences can be severely damaging to a business – from financial repercussions, to loss of customers and damaged reputation.

In the modern threat landscape, cyber-attack methods are becoming increasingly sophisticated, and specifically, phishers are now using advanced social engineering to lure users into giving away confidential company data. For example, in 2021, Microsoft Office 365 users were targeted with a sophisticated phishing email to trick users into giving away their credentials via a compromised SharePoint website.

Over time, phishing has also become increasingly harder to detect, as it is highly targeted and constantly evolving to take advantage of both users and organisations – ever more so with the increase in hybrid working. VIPRE’s whitepaper outlines that there are now more phishing tactics than ever before, from vishing (voice), angler phishing (social media) to smishing (SMS phishing). Therefore, it is crucial that businesses prioritise how they can protect themselves and their users from falling victim to an attack. To get started, it is crucial that organisations invest in the right solutions to create a layered prevention toolkit, but what should this consist of?

Protecting IT Systems with Software Solutions 

Technology solutions can support businesses by acting as a layer of securityprotection to help identify, stop and block potential phishing threats from entering the network. But, with the evolution of phishing tactics, it is crucial that organisations deploy the right digital tools across the business to cover every potential attack entry point.

Email is the leading attack vector used by cybercriminals to deliver phishing, ransomware and malware attacks. The first step in preventing phishing via email, is to ensure that businesses have the right protection in place at the time of receiving and handling emails; such as email attachment sandboxing; anti-phishing protection; data loss prevention tools (DLP) and outbound email protection.

Innovative technologies such as machine learning can be used to scan emails for possible phishing scams by comparing links to known phishing data. If phishing is suspected, the malicious links are removed from the email message to mitigate any chance of the user clicking on them. Additionally, DLP tools help to stop sensitive information from leaving the organisation at the time an employee sends an email by offering a crucial double-check. For example, DLP tools can be used to prevent emails from being sent to the wrong person, as when a user clicks ‘send’ they are asked to confirm the email address(es) for the recipient(s) they are sending it to.

The initial step of having email security in place helps to neutralise malicious links before they enter the user’s inbox. But with the emergence of zero-day threats, having website security, such as URL sandboxing, has become a necessity. This is because phishing emails will often redirect a recipient to a website to enter personal information. Therefore, when a user clicks on a URL in an email, the destination web page and its content can be automatically sandboxed – where the user will be shown a detailed block page with a sanitised live preview of the page they are trying to access – shielding the business from any potentially malicious payloads.

Empowering Users with Education and Training

Digital tools can help to identify and stop potential phishing emails – but these technologies are not the complete solution. Employees need to also be regularly made aware of existing threats, wherever they are working and on whatever device they are using – which is especially important in the hybrid working environment.

No phishing prevention plan is effective without users understanding the threat landscape. Human intervention is sometimes the only way of spotting or stopping a phishing attempt. Therefore, it is crucial that businesses implement a security and phishing awareness training programme which educates users

on the different types of phishing and potential threats. Such education should be continuous and conducted on a regular basis throughout the year – not just a one-off tick box session. This is because cyber threats constantly evolve – so if the training is out of date – so is the business’s security protection.

It is vital that this training includes phishing simulations and penetration testing so that employees can face real-life scenarios. This type of education will help identify areas of weakness where organisations need to provide support to employees through additional training, for example, and will help businesses to continuously assess the success of a phishing awareness programme.

Conclusion

Investing in a phishing toolbox is essential to fully protect your organisation against ever-changing attacks and zero-day threats delivered via SMS, phone, and email.  By implementing the right technology, combined with user education and securityawareness training to give all-around protection, businesses can carefully manage and avoid phishing threats. As the growth of the cyber security threat landscape shows no signs of slowing down, organisations can be reassured that they have the necessary protective layers in place to combat the modern threat landscape by using the right tools and training.