Welcome to the inaugural blog post for Sharpening Your Defenses. We hope you find our posts informative, engaging, and useful. Here we will bring you insights into the issues facing corporate security teams and senior management alike, as well as tips and tricks on how to address the changing face of corporate data security.
One certainty about the data and cybersecurity environment is it’s not stagnant. Every hour of every day we are seeing new approaches from bad actors to breach your networks, steal your data and compromise your staff. You need to be building out the right defenses 100 percent of the time while the threat actors pound away, looking for that one, potentially insignificant chink in the armor that can make the difference between a defended ping and the placement of malware deep into your network.
One trend we expect to see this year is an increase in the number and quality of phishing attacks due to the incorporation of artificial intelligence by the attackers. There is a lot of information about potential high-value targets on the internet today. Open source intelligence — the data that attackers can obtain simply by spending the time to look for it from a variety of public websites — is easy to access and can be incorporated into very convincing attacks. By incorporating AI and machine learning techniques, attackers can build better phishing schemes based on valid information gleaned from multiple sources, then processed to produce high-quality attacks.
It is likely that attackers will know more about what’s going on in your company before you do by using algorithms to collect data from various public-facing sources, then crunching it to produce phishing emails that can be at least partially verified (the CEO really is traveling today and the CFO really is at a meeting with accountants today, so perhaps it will be more difficult to get an immediate confirmation that the email from the “CEO” requesting a funds transfer that must be done today can be confirmed before the “deadline.”
Defeating the more sophisticated attacks will require greater vigilance on the part of the targets, as well as more effective and efficient policies and procedures on the part of companies to ensure that these potential business email compromise attacks can be stopped more quickly and with greater efficacy.
How you implement these new policies and procedures depends greatly on the size of the company, size of the IT staff overall, size of the security team, and whether the company has dedicated security professionals. It also will depend on senior management’s commitment to ensuring that security employees and non-infosec staff alike have the tools they need to stay safe. Defending against malware requires a lot more effort than simply not opening attachments or clicking links, but that’s a good place to start. We will look at some of the other tactics here and throughout the site. Please take the time to browse through; we’re sure you will find a lot of useful information you can put into practice immediately.
Being cybersafe is not a reactive activity; it’s proactive. You and every one of your colleagues can make a difference. We’ll help you find the best methods for your company, regardless of size.