After being in the law enforcement and security profession for over 30 years, I trust very few people. Maybe it’s just me, but I can be really rude on calls whom I don’t know calling my cell phone. I don’t subscribe to being like me, but the barrage of suspicious calls, text messages and emails I currently receive seems to have drastically escalated. All this harassment are social engineering tactics. A recent article in Forbes highlights the need to play as a team.
Social engineering attacks are presented in various forms, often in spoofed email containing hidden malware. Or like I mentioned, a strange text message from an unidentified “customer support specialist” asking for the company credit card number. A Slack notification from an “internal administrator” requesting confidential VPN credentials. Maybe even a Zoom meeting invite sent by a digital extortionist masquerading as a friendly colleague. All it takes is one mistake to put your organization at immediate risk.[1]
Unfortunately, these theoretical examples are not mere exaggerations intended to depict a doomsday scenario to scare the pants off CISOs. These are clear small-scale versions of a complex and rapidly evolving cyber threat landscape; that are real world occurrences which indicate the dangerous environment we live and work in today. I find it a hassle, but a hassle that must be dealt with in a proactive sense.
The explosion of social engineering attacks targeting the crossroads of business communications, people and data which is more prevalent than ever amid societal shifts to cloud-based hybrid work models. Nearly every organization surveyed in Forbes’ State of Email Security 2022 report was targeted by phishing attempts over the previous year, with the majority of respondents also reporting upticks in such incidents during that same span. Additionally, according to a 2022 Federal Bureau of Investigation (FBI) report, business email compromise attacks have cost global organizations more than $43 billion since June 2016.
Before any significant progress in the ongoing fight against cybercrime commences, a shift in mindset is needed across the public and private sectors alike. Attempting to combat sophisticated threat actors with strained security teams operationalizing sprawled tools and siloed systems only adds another layer of complexity to the challenge at hand. Instead, enterprises must design their security frameworks around a holistic team sport approach that combines the power of people, processes, products and API partnerships into a unified front.
Implementing a team sport philosophy will unlock your company’s ‘strength in numbers’ through comprehensive security alignment to combat the mixture of attack surfaces. It will additionally provide clear avenues to a stronger over-all security posture that will enable organizations to protect its work.
Empowering Your People - Building an effective cybersecurity framework is not just about the adoption of innovative technologies and best-of-breed solutions. Security is always a human issue at its core. The countless systems leveraged by organizations are created by people, operated by people and, most of all, built to protect people. In turn, it’s imperative to instill an intuitive architecture that effectively mitigates vulnerabilities driven by human error. An alliance of cyber-resilient teams, coupled with well-integrated solutions, provides the agility enterprises need to combat modern threat actors.
That starts by placing a firm emphasis on the empowerment of your teams, partners, suppliers and C-suite. Alleviate burnout and offset cybersecurity’s skill shortages by leveraging AI and machine learning tools that streamline processes, automate repetitive tasks, and enhance detection/response efficiency. Enable your workforce, as well as the workforces of your partners and suppliers, to become strong cyber citizens through continuous user awareness training on email and collaboration security best practices. Support your C-suite in driving cyber readiness by instilling adequate expertise in your executive board and effectively articulating the correlation between cyber and business risk. You wouldn’t ask a CFO to create a corporate marketing strategy, so why leave the critical task of developing a robust security framework to executives who lack extensive cybersecurity backgrounds?
Simplifying Your Security Environment - The adoption rate of new security products and services is at an all-time high. According to Gartner, organizational cybersecurity spending is on pace to exceed $188 billion by 2023, representing an 11.3% increase from 2021. Itis a reactionary response to the acceleration of cyber threats amid rapid digital transformation that, while well-intended, has created a massive tool sprawl problem across industries. On average, companies deploy between 60 and 80 tools in their portfolio, with some leveraging as many as 140.
Tool sprawl is problematic because it increases complexity for already-strained security teams. Each time a new solution is added to the stack, an analyst must learn how to deploy, configure and maintain it on the fly with minimal time to immerse themselves in the intricacies of the technology. The increased complexity leads to prioritizing technology management over risk management, which creates gaps and loopholes that allow social engineering attacks to bypass security teams undetected.
This heightens the importance of prioritizing tool adoption that addresses the specific vulnerabilities of a hybrid attack surface. Can the solution safeguard employees no matter where or how they work? Does it simplify incident detection and response so human analysts can be more productive? Is it interoperable with other systems to enable real-time threat intelligence sharing and end-to-end visibility? These are the questions that must be top of mind.
Leveraging API Partnerships. A deep library of API and third-party integrations is the third component of the team sport approach. For a simplified example, envision the various components of a high-octane NFL offense built around an elite quarterback. If his offensive line can’t protect him in the pocket, he won’t have enough time to work through his reads and find the open receiver. If his tight end fails to run the correct route, an errant throw could lead to a costly interception. Even the best quarterback in the world cannot carry his team alone. It takes all 11 players on the field working in unison to win games.
The same goes for cybersecurity. Combatting social engineering attacks requires integrated solutions that provide the right blend of prevention, detection and response processes at scale. Without interconnected tools and technologies combining the fundamental functions of security into a single meshed framework, it’s nearly impossible for organizations to protect data across its lifecycle and emerge victorious over their malicious opponents.
While the prevalence of social engineering attacks against the hybrid workplace is here to stay, the action organizations take today will dictate their ability to work protected tomorrow.
Bill Schenkelberg is the Managing director at Red Sky Alliance. Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www. redskyalliance. org/
- Website: https://www. wapacklabs. com/
- LinkedIn: https://www. linkedin. com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://www.forbes.com/sites/forbestechcouncil/2023/01/12/why-combatting-social-engineering-attacks-requires-a-team-sport-approach/
Comments