Cybersecurity: The vulnerable employee needs support

Cybersecurity: The employee vulnerability needs support - AI MS

Share post

In the changing threat landscape, human behavior plays an important role in cybersecurity - on the one hand, positively as a reinforcement in defense, on the other hand, negatively as a door opener for cybercriminals. A difficult balancing act. But there are effective solutions to better support employees.

Security technologies are constantly evolving - and with them the tactics of cybercriminals who exploit vulnerabilities in machines and people to gain unauthorized access to systems. In the first half of 2023, the Sophos Cybersecurity Report found that compromised credentials were the primary cause of 50 percent of all attacks. For companies, this means going one step further towards data security beyond implementing security solutions.

Every second attack with stolen access data

In addition to common measures such as the use of multi-factor authentication (MFA), regular vulnerability monitoring and updates plus training, companies should also have the following areas on their radar: innovative solutions for identity management, user behavior monitoring and data loss prevention (DLP). . The integration of AI-supported behavioral analyzes is just as important as modern encryption techniques, because they can be a decisive step ahead in the race against cybercriminals.

Training, awareness, technological innovations

A thorough security strategy requires a collaborative approach where individuals, companies and communities work together to ensure a resilient cybersecurity culture. While it is important to have the right cybersecurity tools in place, it has never been more important to consider the human aspect of cyber risk. The emphasis on training, awareness and technological innovation is at the heart of the cyber threat shield. By training an attentive and informed workforce, companies can significantly reduce risks and protect assets.

Understanding the human factor

Technological advances and the growing adoption of CSaaS (Cybersecurity-as-a-Service) show that the most successful attacks require human-led threat hunting, investigation and response. You are at the center of cybersecurity, be it on the IT team, at a managed service provider (MSP) or even among employees. Companies need to keep these points in mind and protect themselves against any type of risk from people who could open the door to cybercriminals.

A prime example is the recent attack on the MGM Resorts International hotel group. The Scattered Spider cybercriminal group was able to use spoofed phone calls to deceive employees to obtain login credentials and then deploy ransomware that disrupted operations. Through social engineering, the group was able to trick information personnel into resetting all MFA technologies and impersonating the company's users.

Protection against threats

Cybercriminals are increasingly exploiting people's trust, especially with the rapid development of artificial intelligence (AI) and machine learning. AI-powered, personalized scams are far harder to detect, even for the most prepared employees.

User training continues to be an important element of a company's cyber defense. And it is everyone's responsibility to ensure that they do not accidentally allow criminals entry. Organizations should equip their workforce with basic knowledge and skills to detect and prevent attacker tactics, techniques and procedures (TTPs).

“One step ahead” tactic

It is no surprise that technology is becoming more and more central to business operations when it comes to data security in operations, but it must be used responsibly by a competent user. As organizations face increasing threats, many are turning to managed service providers (MSPs) to strengthen their security strategy. In today's threat landscape, “one step ahead” tactics are increasingly difficult for internal teams to manage, with 93 percent of organizations currently finding even basic security measures challenging. When working with an MSP, companies can not only benefit from the advantages of next-gen solutions, but also leverage a wealth of knowledge and expertise that is essential for gaining a decisive edge over attackers. You can rely on dedicated threat hunters and security specialists to monitor for threats around the clock.

Current threats require a collaborative approach

The human factor in cybersecurity continues to be an important component that can strengthen or weaken a company's security posture. A more effective and complete defense against current threats requires a proactive approach that combines technological solutions and human understanding. Individual organizations and communities must work together to promote best practices and ensure they have the necessary skills and knowledge that contribute to the organization's overall security hygiene.

A proactive security strategy ensures that companies are prepared for the risks that may arise from careless misconduct by individuals. Avoiding simple mistakes will be crucial because overlooking them can result in disaster.

More at


About Sophos

More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

Digital Security: Consumers trust banks the most

A digital trust survey showed that banks, healthcare and government are the most trusted by consumers. The media- ➡ Read more

Darknet job exchange: Hackers are looking for renegade insiders

The Darknet is not only an exchange for illegal goods, but also a place where hackers look for new accomplices ➡ Read more