Five cyber defense strategies


In the past two years, attackers have managed to penetrate the systems of 78 percent of German companies. This is shown by the “Data Risk Management” study by Veritas Technologies. What's particularly concerning is that AI tools like WormGPT make it easier for attackers to refine their social engineering attacks through AI-generated phishing emails.

But that's not all: AI-controlled, autonomous ransomware attacks will continue to become more frequent in 2024. Below, Veritas explains effective methods and proven tips for defending against cyberattacks, especially ransomware.

Password hacking

Cybercriminals exploit security gaps and get hold of other people’s passwords. Brute force attacks, password lists from the dark web and common passwords such as “Password123” enable quick access to secured systems. To guess passwords based on personal information from social media, many hackers use social engineering methods. After a successful login, they bypass security controls and carry out lateral attacks to access critical data.
Passwords must therefore be updated regularly, be at least 12 to 14 characters long, and contain a combination of upper- and lower-case letters, numbers and symbols.

Phishing attacks

Cybercriminals often trick distracted employees into clicking malicious links. These links are used specifically to distribute malware, sabotage systems, or steal intellectual property. Various communication channels such as emails, text messages, social media and telephone calls are used for this purpose. A commonly used method is spear phishing. The attackers use information about a company or an employee to pose as a trustworthy source.
It is critical to train employees actively and to encourage them to adopt security practices proactively. One focus is training to recognize phishing methods and social engineering tactics.

Stolen passwords

User data, especially passwords, is often offered for sale on the dark web, and the trade is lucrative. To obtain sensitive information, cybercriminals like to use the tactic of “shoulder surfing”: they observe their victim entering usernames and passwords. After successfully penetrating systems, cybercriminals actively move between different environments to locate business-critical data, confidential information and backup systems. Implementing a company-wide zero trust approach offers companies a high level of protection and minimizes the attack surface.

Best practices include strong identity and access management (IAM) with multi-factor authentication (MFA). It is important to use role-based access control (RBAC), integrate biometrics for improved identification, and leverage hardware security keys. Only authorized users should be permitted to access data. To increase security, a clear policy to change user and application passwords on a regular basis should be implemented. Integration with privileged access management, such as CyberArk, plays a crucial role here. During data protection operations, critical systems should only actively retrieve passwords. An integration with an identity provider whose solution is based on SAML 2.0 opens up additional authentication options.

Man-in-the-middle attack

Sensitive data can also be stolen through a man-in-the-middle (MitM) attack. Usernames and passwords are intercepted in transit over the network connection. To prevent this type of attack, it is important that data is encrypted both in transit and at rest. Additional strategies include using a key management service with a tamper-resistant hardware security module (HSM) and adhering to cryptographic standards such as FIPS 140. Bring Your Own Encryption Key (BYOK) models make it easier to control and manage encryption keys.

Malicious insider

Insider threats can come from current or former employees. They are not always malicious; they can also result from negligence, a security weakness that is increasingly causing disruptions. Effective countermeasures include access controls and the principle of least privilege: employees should only have the access rights that they need for their respective tasks. If an employment relationship is terminated, access rights must be changed.

Companies should also use systems to monitor network activity, file access and other relevant events. Regular audits can be used to identify suspicious activity.

“Through comprehensive security solutions, companies not only support their IT professionals, but also strengthen the cyber resilience of their company. A multi-tiered approach with proven practices such as MFA, role-based access controls, data encryption and AI-driven security features is essential,” explains Ralf Baumann, Country Manager at Veritas Technologies. “To minimize downtime in the event of disruptions, recovery environments should be optimized. Therefore, it is critical to use devices that have additional layers of security, including immutable storage and built-in container isolation.”

More at Veritas.com

 


About Veritas

Veritas Technologies is a leading provider of secure multi-cloud data management. More than 80,000 customers – including 91 percent of Fortune 100 companies – rely on Veritas to protect, restore and ensure compliance with their data.

