Authors of a new security study have emphasised the importance of strengthening threat resistance among individuals and not just machines, as increasingly sophisticated cyber attacks continue to bypass typical security infrastructure.
IT association ISACA and consultancy group Ernst & Young have published a how-to book, Responding To Targeted Cyberattacks, and the authors’ top five tips for tighter security highlight how education must improve among staff if organisations are to be prepared for modern cyber threats.
Targeted attacks have grown in prominence over recent years, as cyber criminals customise phishing scams and other attack vectors for specific employees. The wealth of information online that profiles organisations and their staff – something that is growing all the time thanks to social media – gives hackers ample data to dupe individuals with carefully tailored attacks.
As such, the authors’ top five points that organisations must keep in mind about their security, outlined below, place great emphasis on training employees:
1. Advanced threats now target people. People, not machines and software, have become your first line of defence.
2. Cyber attacks are a business problem and a people problem, not just a technology problem.
3. User education and awareness are critical to your success.
4. ‘Prevention’ strategies of the past are not enough now. Today’s strategy needs to be: ‘Complicate – Detect – Respond – Educate – Govern.’
5. Four emerging capabilities are needed to implement a new strategy for dealing with cyber attacks:
- Centralised log aggregation and correlation
- Ability to conduct forensic analysis across the enterprise
- Ability to sweep the enterprise for ‘indicators of compromise’
- Ability to inspect memory to detect malicious code
“There are no universal solutions to prevent being infiltrated,” said James Holley, leader of Ernst & Young Information Security Incident Response services and co-author of the book.
“If sophisticated and well-funded attackers target a specific environment, they will get in. In this rapidly evolving threat landscape, information security professionals need to adopt the mindset that their network is already compromised or soon will be.”