While technologies keep changing, it’s creativity that has defined many of the most notable cybersecurity incidents of the last year, as new hacking organizations continue to trick people into giving up passwords via social engineering. According to an article in CIO, with people continuing to fall for these tricks, security policies enforcing multi-factor authorization and identity and access management can be easily bypassed or defeated, leaving organizations that thought themselves to be secure in a situation where they’re struggling with their vulnerability.
Instead, companies may need to go back to the fundamentals, reconsidering how they can detect and prevent the most common cybersecurity threats, including:
- Reviewing the lists of most common techniques for gaining initial access, how access attempts are monitored and logged, and encouraging employee training and the use of strong login credentials
- Tracking unusual traffic, raising awareness of threats like website spoofing, and implementing tools that block or detect malformed website addresses
- Monitoring unusual IP addresses, significant changes to server access or traffic, and implementing zero trust architectures to confirm only authorized access to files and data
Says Israel Mazin, CEO of Memcyco, to CIO, “With the increasing availability of sophisticated technological and social engineering tools, attackers have a higher chance of succeeding – and gaining big – with little risk.”
Source:
https://www.cio.com/article/654078/the-changing-face-of-cybersecurity-threats-in-2023.html/amp/
