CYBERSECURITY FOCUS
CONTINUED
growing number of Traffers operating. Traffers are organised groups of cybercriminals specialising in credential theft using malware, most commonly stealers. We found that this is becoming a real problem for businesses and it’s something that requires constant monitoring and real-time intelligence to detect and fight against. “Equally, as always, weak passwords continue to pose a large problem for businesses. The 2023 Specops Weak Password Report showed that nearly 90% of breached passwords used to attack RDP ports in live attacks were 12 characters or less. Even more worryingly, the most common base term found in passwords used to attack networks across multiple ports is still ‘password’. From brute force attacks to password guessing and ransomware, threat actors will inevitably continue using passwords as a way of gaining access to a system. A strong and comprehensive password policy across an organisation is key.” Remote working threat Users continue to be a weak point in cybersecurity, especially with the rise in remote and hybrid working, which has also made network devices more vulnerable to attacks, Martin adds. “Security teams need to consider the implications of having a workforce that alternates between being physically present and working remotely,” he says. “Moreover, because people are physically isolated from their colleagues, they become easier targets for social engineering attacks. With fewer distinctions between work and personal devices, businesses must increasingly focus on user behaviour. It is becoming more and more crucial to ensure that employees follow best practices when accessing sensitive data or communicating with colleagues. This includes implementing training programs, conducting regular security assessments and using multi-factor authentication to keep accounts secure. “To mitigate risks, organisations must make sure their cyber defences are adapted to cover both environments. Yet, for many organisations, questions on how to securely manage a hybrid workforce remain open, such as how are users using and consuming business data? Where is that data being stored? Is it encrypted? What networks are they using their devices on, and what other devices might also be on the same network? For example, many IoT devices won’t have the
outpost24.com
secure coding that other endpoints do. Do all of the devices users have meet the business’ security and compliance requirements?” Patches Stuart Robson-Frisby, RVP, EMEA Channels at Tanium, adds that many businesses don’t have visibility of how many devices are connected to their network, and who has access to what, which creates numerous security risks if some or all of the devices are unpatched. “However, despite being such a significant risk, many companies still fail to patch their systems and devices frequently enough,” he says. “Without addressing this situation, businesses are at high risk of malware infections, data breaches and operational disruptions. This is not only a drain on resources, time and money, but often leads to irreparable reputational damage and even legal liabilities. “To mitigate the risks associated with unpatched devices, businesses should prioritise patching as a critical component of their cybersecurity strategy. This includes developing a robust patch management strategy, testing patches before deployment, and ensuring that all devices – known and unknown – are up to date with the latest security patches and updates. It only takes one weakness in an organisation’s IT defences to bring the business to its knees, so being able to swiftly identify and remove any vulnerable devices is vital to securing the company’s future. “Being prepared for – and able to withstand – today’s cyber landscape is about being ‘cyber ready’. This means practicing good cyber hygiene and detecting threats and performing counter threat actions. Finding a way to discover and manage all the
Martin Jartelius CSO
Stuart Robson-Frisby RVP, EMEA Channels
tanium.com
18
Powered by FlippingBook