Hardly a month goes by without warnings about new phishing attacks. Phishing remains one of the top cyber threats. With eight central measures, companies can significantly reduce the risk of attack.
Attackers' phishing methods are becoming increasingly sophisticated and draw on the latest technologies. The fact that more and more employees work on the go or from a home office, sometimes switching between company and private devices, also plays into the attackers' hands. In addition, hackers benefit from three developments in particular:
- Employees spend more and more of their personal lives online, making it easy for attackers to spy on them and engage with them through social media.
- The increasing usage of SaaS tools brings with it new identities that are often inadequately secured and monitored.
- The ever increasing number of new digital tools often means that employees do not question unusual requests or changes in the workflow.
But how should companies and authorities deal with this growing threat of phishing? A key measure to reduce risk is the use of a Zero Trust model. With this security concept, every request for access to a company resource - be it data, applications or the infrastructure - is checked before access is granted. In addition, access for verified users and devices is strictly limited.
In principle, Zero Trust initiatives aim to make access systems more phishing-resistant, to support end users in recognizing phishing attempts and to minimize the potential damage of an attack.
Eight security measures as best practices
1. Use of phishing-resistant multi-factor authentication methods (MFA) such as FIDO, QR codes or physical tokens.
2. Implementation of basic Zero Trust policies such as step-up authentication when launching confidential applications, mandatory use of MFA for profile changes or setting up automatic warnings for risky user behavior.
3. Segmentation of the network to restrict the attacker's freedom of movement within the network and block access to confidential resources in the event of successful phishing.
4. Securing endpoints vulnerable to phishing and malware, as the traditional network perimeter has become obsolete as a line of defense in the cloud age. A key challenge is maintaining a complete, up-to-date inventory of users and devices.
5. Review of BYOD policies and employee device usage requirements when accessing corporate applications over the Internet. For example, minimum standards can be set to secure home office networks, such as changing the default router login data or using secure Wi-Fi passwords.
6. Regular "phishing exercises" with live test scenarios and Red Team training sessions to strengthen the security-conscious behavior of employees and to inform them about new phishing attack techniques.
7. Encouraging closer collaboration between business and IT to improve identity governance and lifecycle management of access permissions, such as immediate deprovisioning of unused accounts.
8. Continuous verification of access permissions and execution of penetration tests as well as optimization of inefficient workflows and processes.
Conclusion
"In view of the general increase in security risks - not least due to phishing attacks - more and more companies are relying on a zero trust strategy. An identity security solution offers many of the building blocks and technologies required for efficient implementation," explains Michael Kleist, Area Vice President DACH at CyberArk. "Identity security focuses on securing individual identities throughout the access cycle to critical resources. This means that the identity is accurately authenticated, the identity is authorized with the right permissions, and access for that identity to privileged resources is granted in a structured way. And of course the compliance requirements are also met."