February 28, 2023

How to use zero trust and IAM to defend against cyberattacks in an economic downturn

By Cloud Syndicate

Despite double-digit budget increases, CISOs and their teams are scrambling to contain increased internal breaches, embezzlement and fraud. Identities are the attack vector of choice during a recession, exacerbated by inflationary costs driving up the cost of living, making phishing emails’ false claims of easy money all the more alluring.

As one CISO confided to VentureBeat in a recent interview, “recessions make the revenue-risk aspects of a zero-trust business case real, showing why securing identities deserves urgency.”

Attackers use machine learning (ML) algorithms to create and launch malware-free intrusions. These account for 71% of all detections as indexed by the CrowdStrike Threat Graph.

The latest Falcon OverWatch Threat Hunting Report illustrates how attack strategies aim for identities first. “A key finding from the report was that upwards of 60% of interactive intrusions observed by OverWatch involved the use of valid credentials, which continue to be abused by adversaries to facilitate initial access and lateral movement,” said Param Singh, VP of Falcon OverWatch at CrowdStrike.

CrowdStrike’s acquisition of Reposify reflects how leading cybersecurity platform vendors concentrate on adopting new technologies to provide external attack surface management while protecting enterprises against internal threats.

Reposify scans the web daily for exposed assets, enabling enterprises to have visibility over them and defining which actions they need to take to remediate them. At last year’s Fal.Con event, CrowdStrike announced plans to use Reposify’s technology to help its customers stop internal attacks.

Identity attacks soar in a down economy

Identity-based breaches interrupted 78% of enterprises’ operations last year, and 84% said they experienced an identity-related breach.

Identities are a core attack vector for attackers in a down economy; their strategies are to gain control of an organization. Attackers’ favorite targets are legacy identity and privileged access management systems that rely on perimeter-based security that often hasn’t been updated in years. Once in, attackers immediately grab admin rights, create fraudulent identities and begin exfiltrating financial data while attempting cash transfers.

Attackers are using ChatGPT to fine-tune social engineering attacks at scale and mine the data to launch whale phishing attacks. Ivanti’s State of Security Preparedness 2023 Report found that nearly one in three CEOs and members of senior management have fallen victim to phishing scams, either by clicking on the same link or sending money.

Identities are under siege during periods of economic uncertainty and recessions. CISOs fear that internal employees will be duped out of their passwords and privileged access credentials by social engineering and phishing attacks — or worse, that they may go rogue.

CISOs, internal security analysts staffing security operations centers (SOCs) and zero-trust leaders have told VentureBeat that a rogue IT employee with admin privileges is their worst nightmare.

Snowden a cautionary tale

Those CISOs willing to discuss the issue with VentureBeat all referenced Edward Snowden’s book Permanent Record as an example of why they’re so concerned about rogue attackers.

One CISO cited the passage: “Any analyst at any time can target anyone. Any selector, anywhere I, sitting at my desk, certainly had the authorities to wiretap anyone, from you or your accountant to a federal judge, to even the President.”

“We’re always looking for fuel to keep our senior executives and board funding zero trust, and the passages in Snowden’s book are effective in accomplishing that task,” one cybersecurity director told VentureBeat.

A core tenant of zero trust is monitoring everything. The Snowden book provides a cautionary tale of why that is essential.

System and security admins interviewed by VentureBeat admit that internally launched cyberattacks are the hardest to identify and contain. A stunning 92% of security leaders say internal attacks are equally as complex or more challenging to identify than external attacks. And, 74% of enterprises say insider attacks have become more frequent; more than half have experienced an insider threat in the last year, and 8% have experienced more than 20 internal attacks…

Read Full Source: VentureBeat

By Louis Columbus

Cloud Syndicate

Welcome to the 'Cloud Syndicate,' a curated community featuring short-term guest contributors, curated resources, and syndication partners covering diverse technology topics. Connect your technology article or news feed to our syndication network for broader visibility. Explore the intersections of cloud computing, Big Data, and AI through insightful articles and engaging podcasts. Stay ahead in the dynamic world of technology with our platform for thought leadership and industry news.

Join us as we delve into the latest trends and innovations.

A.I. is Not All It’s Cracked Up to Be…At Least Not Yet!

Exploring AI’s Potential: The Gap Between Aspiration and Reality Recently Samsung releases its new Galaxy [...]
Read more
Randy

Karen Buffo, CMO of MixMode, on the Rise of AI in Safeguarding Digital Assets

Welcome to our Q&A session with Karen Buffo, CMO of MixMode, hosted by CloudTweaks. Today, [...]
Read more
Craig Lowell

Scaling Smart: Planning Strategically for Cloud Expansion

Scaling Strategically As cloud spending continues to surge, managing and forecasting costs has become a [...]
Read more

5 Azure Cost Management Strategies

What Is Azure Cost Management? Azure cost management refers to the practices and processes that [...]
Read more
Rahul Subramanyam

Episode 18: Fixing AWS: The CloudFix Story 

Fixing AWS: The CloudFix Story A conversation with Rahul Subramanyam. CEO at CloudFix, and CTO [...]
Read more
Frank Suglia

Forecasting Cloud Trends in 2024

The past few years have rapidly accelerated cloud adoption and impacted the overall IT landscape. [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.