When it comes right down to it, people are your greatest corporate asset. And your organization’s greatest security risk.
Attackers are using social engineering-based exploits like phishing in order to trick employees into clicking on a bogus link, which provides cybercriminals a launching pad for ransomware and other types of attacks. They are stealing employee credentials in order to gain entry into systems that contain valuable corporate assets. They are taking advantage of trusted insiders simply making mistakes or ignoring security best practices.
According to a recent AT&T report, the surge in remote work has exacerbated the problem. “Organizations are under intensified pressure to develop new, efficient, more flexible, and safer ways for employees to work away from traditional office settings. But with the growing trend toward remote work comes a looming challenge. Organizations are struggling to offer their employees highly secure remote access to vital applications and essential data.”
The report adds, “Most devices are being used off-network, which means a loss of visibility and control, and subsequently an increased risk of breach. When corporate assets are being accessed by under-secured or unmanaged endpoints, the cybersecurity threat vector created by the work-from-home phenomenon broadens.”
When corporate assets are being accessed by under-secured or unmanaged endpoints, the cybersecurity threat vector created by the work-from-home phenomenon broadens
The latest Verizon Data Breach Investigations Report points out that phishing has been identified as a component in 36% of breaches – up from 25% last year. The Verizon analysts add, “This increase correlates with our expectations, given the initial rush in phishing and COVID-19 related phishing lures as the worldwide stay-at-home orders went into effect.”
The report adds that insiders are responsible for an estimated 22% of security incidents. And the Ponemon Institute says the average cost of an insider-related breach, whether malicious or simply an error, was $11.45 million.
The Verizon team sums up these challenges this way: “Without new strategies and tools, organizations are likely to fall victim to a higher number of cybersecurity breaches, which could take longer to detect and be costlier and more complex to recover from.”
The benefits of Web Intelligence
IBM Security X-Force researchers have reported that 40% of the incidents that their security teams detected came through alerts generated by an Internet monitoring tool.
Media Sonar provides just such a toolset. The Media Sonar platform enables security teams to look beyond the corporate walls to protect data and intellectual property. By consolidating multiple open-source intelligence tools (OSINT), organizations can proactively investigate risks of attack across Dark Web markets, hidden forums and social media channels. The Media Sonar platform can stay on top of hacker chatter in order to give security teams a head start toward shoring up security weaknesses before a breach can occur.
The Media Sonar platform enables security teams to look beyond the corporate walls to protect data and intellectual property
And while most insider breaches are unintentional, insiders with malicious intent do exist and can cause great harm. In fact, the average cost of this type of attack is three times that of simple negligence.
Credential theft is the costliest type of insider threat, at $756,000 per incident. The Media Sonar platform can provide key intelligence from across the Surface, Deep and Dark Webs in order to detect credential and information leaks in a programmatic way.
Finally, despite an organization’s best efforts, breaches do occur. In the event of an incident, it’s vital that organizations identify and remediate the breach as soon as possible. The Media Sonar platform can quickly spot breached data being sold on the Dark Web and alert security teams so that they can act quickly to respond to the incident.