By Mike Greene, CEO, Enzoic
Companies are evaluating artificial intelligence and other emerging technologies to combat cyber threats, with IDC predicting the AI cyber security market will top $46 billion by 2027.
While there are numerous vendors clamoring to capitalize on this spending, it’s a mistake for companies to assume these technologies are the quickest path to protection against cyber threats.
In fact, Verizon’s 2023 Data Breach Investigations Report (DBIR) found once again that the top methods employed by threat actors exploit the most basic security measures. As the DBIR authors put it, “…exploiting vulnerabilities, using stolen credentials and phishing are very similar to previous years’ findings, and let’s face it, they are straight out of InfoSec 101.”
This begs the question, what should organizations be doing to strengthen foundational security? Some of the most pressing considerations include:
Protecting the Password Layer: Stolen credentials were the chief means by which hackers infiltrate organizations, with their use involved in 86% of breaches studied. The challenge with password security comes down to human behavior.
Born out of a desire for convenience and efficiency, people typically select simple, easy-to-remember passwords and employ them across numerous accounts and services. One study found that employees reuse a single password an average of 13 times.
Companies have historically attempted to address credential security by enforcing complexity requirements, periodic resets, and similar practices, yet the password vulnerability problem persists. In fact, NIST now recommends against many of these approaches, advising instead that companies screen for exposure against an updated list of compromised or easy-to-guess credentials. It’s imperative that organizations overhaul their authentication security through credential screening and other modern practices if they wish to eliminate passwords as a threat vector.
A related security misstep is falsely believing that MFA offers complete protection. While it’s an important consideration as part of a layered security approach, it’s no magic bullet—as evidenced by Microsoft’s warning late last year over hackers finding ways to bypass it. According to NIST, using MFA does not negate the need to maintain an updated list of compromised passwords and use this list to enforce strong credentials throughout the organization. It’s critical that more companies embrace this approach; otherwise, viewing it as comprehensive authentication protection will continue to leave a door open to threat actors.
Avoiding the Phishing Line: Phishing is another persistent problem identified by the DBIR. Campaigns have grown increasingly sophisticated in recent years, with a KnowBe4 report deeming that 33% of employees are likely to fall for these scams.
Organizations need a combination of technology and training to combat these threats; according to KnowBe4, the latter can help reduce the likelihood of falling victim to a scam by 83%. While phishing awareness programs may not receive top prioritization on the average security budget, investing resources in this area can help reduce it as a threat vector.
Deploying web filters to stop employees from accessing malicious websites is another key step. In addition, it’s important to ensure that internet browsers, apps, and operating system software are all kept current with the latest security patches and updates. Finally, companies should confirm that regular backups are scheduled to help recover data should a successful phishing scam occur.
Protecting the Expanding Endpoint: With a recent report finding that 79% of IT teams have witnessed an increase in endpoint security breaches, detecting these threats is another foundational element companies can’t afford to ignore. The hybrid work environment contributes to the challenge, as the perimeter is extended by more employees using their devices for work.
Every personal computer, tablet or smartphone represents a potential entry point that hackers could exploit to access sensitive corporate data or conduct a range of other nefarious activities. That’s why it’s critical that endpoint security strategies address every type of operating system on the company’s network, not just the traditional Windows or Linux options.
In addition to OS concerns other critical endpoints include servers, printers, IoT devices, and point-of-sale systems. Essential security considerations to protect these include encryption, intrusion detection tools, device firewalls, and application controls. It’s important that organizations ensure they have the right strategies and tools in place to protect the expanding endpoint and stay a step ahead of hackers.
Security from the Bottom Up
You can’t build a resilient house without a strong foundation and the same is true for enterprise security. The latest AI solutions will ultimately fail to deliver on their potential until companies address the basics. Now more than ever, it’s imperative that organizations ensure that foundational security elements are permanently eliminated as a threat vector.
Image by rawpixel.com on Freepik