February 28, 2023

How to use zero trust and IAM to defend against cyberattacks in an economic downturn

By Cloud Syndicate

Despite double-digit budget increases, CISOs and their teams are scrambling to contain increased internal breaches, embezzlement and fraud. Identities are the attack vector of choice during a recession, exacerbated by inflationary costs driving up the cost of living, making phishing emails’ false claims of easy money all the more alluring.

As one CISO confided to VentureBeat in a recent interview, “recessions make the revenue-risk aspects of a zero-trust business case real, showing why securing identities deserves urgency.”

Attackers use machine learning (ML) algorithms to create and launch malware-free intrusions. These account for 71% of all detections as indexed by the CrowdStrike Threat Graph.

The latest Falcon OverWatch Threat Hunting Report illustrates how attack strategies aim for identities first. “A key finding from the report was that upwards of 60% of interactive intrusions observed by OverWatch involved the use of valid credentials, which continue to be abused by adversaries to facilitate initial access and lateral movement,” said Param Singh, VP of Falcon OverWatch at CrowdStrike.

CrowdStrike’s acquisition of Reposify reflects how leading cybersecurity platform vendors concentrate on adopting new technologies to provide external attack surface management while protecting enterprises against internal threats.

Reposify scans the web daily for exposed assets, enabling enterprises to have visibility over them and defining which actions they need to take to remediate them. At last year’s Fal.Con event, CrowdStrike announced plans to use Reposify’s technology to help its customers stop internal attacks.

Identity attacks soar in a down economy

Identity-based breaches interrupted 78% of enterprises’ operations last year, and 84% said they experienced an identity-related breach.

Identities are a core attack vector for attackers in a down economy; their strategies are to gain control of an organization. Attackers’ favorite targets are legacy identity and privileged access management systems that rely on perimeter-based security that often hasn’t been updated in years. Once in, attackers immediately grab admin rights, create fraudulent identities and begin exfiltrating financial data while attempting cash transfers.

Attackers are using ChatGPT to fine-tune social engineering attacks at scale and mine the data to launch whale phishing attacks. Ivanti’s State of Security Preparedness 2023 Report found that nearly one in three CEOs and members of senior management have fallen victim to phishing scams, either by clicking on the same link or sending money.

Identities are under siege during periods of economic uncertainty and recessions. CISOs fear that internal employees will be duped out of their passwords and privileged access credentials by social engineering and phishing attacks — or worse, that they may go rogue.

CISOs, internal security analysts staffing security operations centers (SOCs) and zero-trust leaders have told VentureBeat that a rogue IT employee with admin privileges is their worst nightmare.

Snowden a cautionary tale

Those CISOs willing to discuss the issue with VentureBeat all referenced Edward Snowden’s book Permanent Record as an example of why they’re so concerned about rogue attackers.

One CISO cited the passage: “Any analyst at any time can target anyone. Any selector, anywhere I, sitting at my desk, certainly had the authorities to wiretap anyone, from you or your accountant to a federal judge, to even the President.”

“We’re always looking for fuel to keep our senior executives and board funding zero trust, and the passages in Snowden’s book are effective in accomplishing that task,” one cybersecurity director told VentureBeat.

A core tenant of zero trust is monitoring everything. The Snowden book provides a cautionary tale of why that is essential.

System and security admins interviewed by VentureBeat admit that internally launched cyberattacks are the hardest to identify and contain. A stunning 92% of security leaders say internal attacks are equally as complex or more challenging to identify than external attacks. And, 74% of enterprises say insider attacks have become more frequent; more than half have experienced an insider threat in the last year, and 8% have experienced more than 20 internal attacks…

Read Full Source: VentureBeat

By Louis Columbus

Cloud Syndicate

Welcome to the 'Cloud Syndicate,' a curated community featuring short-term guest contributors, curated resources, and syndication partners covering diverse technology topics. Connect your technology article or news feed to our syndication network for broader visibility. Explore the intersections of cloud computing, Big Data, and AI through insightful articles and engaging podcasts. Stay ahead in the dynamic world of technology with our platform for thought leadership and industry news.

Join us as we delve into the latest trends and innovations.
Cloud Computing Humor
JB Baker

SSD Controllers for AI & Data Centers: JB Baker Talks Future of Storage

SSD Controllers for AI & Data Centers Welcome to this Q&A session hosted by CloudTweaks, [...]
Read more
Nicos Vekiarides

AI, Deepfakes, and Digital Trust: A Conversation with Nicos Vekiarides

AI, Deepfakes, and Digital Trust In an insightful interview with CloudTweaks, Nicos Vekiarides, CEO and [...]
Read more
Stacey Farrar

Copilot Is Here: What to know before migrating to Microsoft 365

Migrating to Microsoft 365 Microsoft is the latest company to unveil enhanced artificial intelligence (AI) [...]
Read more

10 Data Governance Services: What You Need to Know Before You Choose

Data Governance Services In today’s data-driven world, the importance of Data Governance cannot be overstated. [...]
Read more
Dolores

Q&A: Airport Security Trends with Dolores Alemán, Frost & Sullivan Analyst

Airport Security Trends In this CloudTweaks interview, we delve into the evolving landscape of airport [...]
Read more
Drew Firment

Future Unveiled: Q&A with Drew Firment on AI, Cloud, & Beyond

AI, Cloud, & Beyond As we delve into the realm where artificial intelligence intersects with [...]
Read more
Unlock unparalleled exposure for your brand with CloudTweaks' premium sponsorship and advertising programs. Reach a global audience, amplify your message, and drive growth with our tailored solutions. Partner with us today and elevate your marketing strategy to new heights!
© 2024 CloudTweaks. All rights reserved.