Uncertain times have brought with it an entirely new security profile for organisations that now plague CISOs (Chief Information Security Officer). Remote working and unprepared enterprises have slackened the ability to control every facet of security on end users’ machines. CISO’s are faced with the challenge to realign their security strategy in order to deal with the altered risk profile they face. Let’s use spear phishing as a simple example to elucidate the point of how old threats present a different challenge in the new operating environment making cyber security breaches a whole new challenge.
Business as Usual
Spear phishing is a highly targeted form of phishing attacks which do not rely on spam campaigns. The victims of spear phishing are carefully selected. Having zeroed in on a targeted victim, the attacker begins by crafting emails that appear believable, realistic and designed to appeal to the intended victim. Open-source research on the target is leveraged to assist in crafting the perfect email bait. Easily available online profiles on social platforms have made information gathering an easy task. This type of research allows the attacker to build a detailed profile of the recipient, including disguising emails that appear to originate from a co-worker or a direct senior manager. According to Cofense (formerly PhishMe Cofense.com) 91% of cyber-attacks begin with a spear phishing attack. 83% of information security professionals have experienced phishing attacks in 2018. A data breach 2019 investigation report listed phishing as the leading cause of data breaches in that year. So how does the current operating environment for business make this threat even more virulent?
New Risk Profiles
The onset of global pandemic forced many organizations to move their operations to a remote working model. This has given rise to security challenges associated with individuals working from home. Employees are now isolated having to increasingly collaborate through emails with their team members. Added to this, the more relaxed, informal operating environment – the risk of clicking on an email that appears to be from a legitimate source increase exponentially. It is also worth noting that 78% of known cyber espionage incidents involved phishing according to Verizon “2019 Data Breach Investigations Reports”. 87% of the incidents involved “the installation and use of backdoors and/or C2 malware”. On top of this, we can add the current data on spear phishing attacks reported by CIO & Leader Study: “Between March 1 and March 23, Barracuda Sentinel has detected 467,825 spear phishing email attacks, and 9,116 of those detections were related to COVID-19”.
The data makes it evident that no matter what an organization’s security protocol is, there is always a looming threat that someone, somewhere in the organization will inevitably click on a link that will bring the entire wall crumbling down. You could resort to the traditional defence, or you could take a dynamic approach to meet the new security threat landscape.
Cyber deception is the key to staying ahead of the threat curve faced by enterprises today. Cyber deception is an umbrella term that envelopes deliberate and controlled efforts by IT professionals to conceal enterprise networks. It involves simple techniques that allow organizations to manipulate targeted attacks with virtually no resource deployment. All you have to do is work with CSG Technologies. In addition to concealing and protecting organization systems, the company’s proactive monitoring team will detonate the spear phishing email providing a wealth of information on indicators of compromise and indicators of attack. System compromises and attack indicators when received without prior knowledge can often appear out of context or relevance. However, when viewed from an expert perspective and in real time during monitoring, they provide actionable intelligence. Put simply, it is about getting the right information to the right people at the right time, to enable them to make the right decision. The right decision is ensuring that key revenue generating operations are kept stable and online without disrupting either internal stakeholders or external customers.
Real-Time Enterprise Intelligence
All information collected by the CSGT network and system monitoring processes delivers key insights into system adversaries. A simple rule of thumb for any security protocol is to define what you are protecting it against. This is where most organisations fail, as the threat is now dynamic and defining the ever-evolving threat landscape is best left to the experts. Once you have the information, you are better able to align your security real estate in the most cost-effective manner while ensuring it is tunes to operate at maximum efficiency and capacity.
Building Business Resilience
Delivering real-time enterprise intelligence that gives you granular information about how and why attackers are spear phishing your organisation or you VIPs is critical in the current business environment. With resources stretched, you cannot worry about what ‘might’ impact you. You need to know what will impact you, and how it will disrupt your business operations. With this information, the CISO can ensure that their scarce security resources are aligned perfectly to mitigate the threats that are targeting their organisation. Reduce the risk of business disruption through deception and empower your security organisation to meet the challenges of the new economic environment. Do you want to receive a free in-depth overview of how you could leverage the CSGT expertise to deal with the threat of spear phishing?
talk to one of the team members about setup and implementation.