How to prevent the ‘human element’ from being exploited in cyber breaches

As organisations act on their digital transformation plans to ensure business continuity, employees at the same time need to embrace a security mindset and culture.

business continuity, cyber security, data management, risk management, security, Verizon Business 2021 Data Breach Investigations Report, three-two-one rule

While online activities increased during the pandemic, so too has the number of cyber security incidents. In the Verizon Business 2021 Data Breach Investigations Report (2021 DBIR), 5,258 breaches from 83 contributors across the globe were observed, a third more than last year.

Of these breaches, 85% involved a human element while over 80% were discovered by external parties. Moreover, for organisations in the financial and insurance industries, 83% of data compromised in breaches was personal data, whilst in professional, scientific and technical services only 49% was personal.

To better understand the evolving cyber security landscape and find out how to best secure your organisation, iTNews Asia speaks to Kamal Subramaniam, Security Consultant at Verizon.

iTNews Asia: What can organisations do to ensure that their employees are aware of how to protect themselves from falling victim to such attacks when remote working becomes the working standard? What do you think will be the implications if they do not do so?

The most important thing you first need to do is to educate employees on their responsibilities in the fight against cyberattacks. In Asia, many of the breaches that take place are caused by financially motivated attackers who are phishing employees for credentials, and then using those stolen creds to gain access to mail accounts and web applications.

These breaches can have devastating and long-lasting consequences for organisations extending from financial losses, business continuity problems, legal liability to reputation damage. While organisations can take actions to strengthen their security posture, it is also important to foster a security culture so employees can play their part in protecting the business.

To protect employees from falling victim to these attacks, some good practices that organisations can consider include:

  • Assess your needs. A simple security exam can let you know where your employees are secure and where they might need more support.
  • Develop a list of training objectives. Then, test against these objectives to measure success and failure—and to craft future training sessions.
  • Train on specific security risks and scenarios. Gamify simulated cyber-attacks by breaking into competitive teams. Remember to train knowledge and skills – employees should know exactly how to choose a strong password and know not to install unauthorized software.
  • Emphasise new-hire training. But don’t neglect to train existing employees on incident reporting procedures so that every potential breach and security issue can be examined and resolved.
  • Know the cyber security hotspots. Emphasise the use of social media posts as vectors for social engineering attacks, the importance of mobile device security and the manifold ways that remote employees can be attacked or compromised in their home offices.
  • Ramp up security training and awareness for your employees. Ask employees to treat any unknown emails and links as suspicious, and provide them an easy way to alert your IT or information security team.

iTNews Asia: What should organisations do in the situation that they were hit by phishing and ransomware attacks? Which industry is more prone to attacks and why do you think they are more susceptible?

After discovering a phishing or ransomware attack, the immediate response for organisations should be to disconnect any affected machines from the network and isolate other machines wherever possible. This will likely cut off the bad actor’s access and limit further dissemination of malware, should they still have control over breached machines.

Ransomware was only a threat to availability, but we have seen a shift in tactics of the bad actors to “name and shame” their victims. These actors will exfiltrate the data they encrypt and threaten to disclose the data if the victim doesn’t pay ransom. It is highly advised not to pay a ransom as it may be unlawful in certain circumstances.

As such, it is important that well-prepared organisations have in place a comprehensive incident response playbook, an appropriate crisis management plan and business continuity measures that provide guidance on detailed restoration plans for data backups, impact assessment, legal implications and the communication requirements to the stakeholders, regulators and law enforcement. Having robust security awareness training in place will also help employees better identify such attacks and avoid falling prey to them.


COVID-19 has no doubt caused a lasting impact on the security landscape, resulting in an increase in successful phishing emails or other breaches amidst the distributed environment. As organisations move their services to the cloud to ensure business continuity, bad actors have also taken note and ramped up attacks on web applications where such attacks represented 39% of all breaches in the 2021 report.

While security remains a challenge for many organisations, there are significant differences across verticals. The industries that stood out in terms of the number of security incidents and breaches include public administration, financial and insurance, healthcare, and entertainment.

For certain industries, such as financial and healthcare, many such attacks are also financially motivated, as we see that the financial sector frequently faces credential and ransomware attacks from external actors.

iTNews Asia: What practical and proactive steps can they take to prevent or mitigate risks from ransomware?

From our past findings, ransomware has been continuing on an upward trend since 2016, and now accounts for 5% of total cybercrime incidents. Today, 10% of breaches involve ransomware – doubling last year’s frequency. This highlights an urgency for organisations in the region to prevent and mitigate risks from such attacks.


Some steps organisations can take to safeguard their operations include employing robust incident response services that include proactive security assessments, incident response planning expertise and round-the-clock threat intelligence and monitoring.

In addition to enlisting a managed services provider to enhance their security capabilities, organisations can take basic actions to strengthen their security posture.

This includes:

  • Ensuring that their security systems are updated and strengthening access management for remote systems.
  • Ongoing cybersecurity training can also help employees avoid falling victim to the email phishing scams that give hackers access to their systems in the first place.
  • Segment networks to contain the spread of attacks and limit attackers’ ability to move laterally across compromised networks.
  • Use multi-factor authentication on all accounts, including remote desktop protocol servers, to make it harder for attackers to phish, guess or crack credentials and hijack key systems for network access.
  • Regularly back up information according to the three-two-one rule. This will help organisations restore encrypted systems in a worst-case scenario.
  • Deploying zero trust network access (ZTNA) would mean that resources are hidden and only accessible through a trust broker. Three simple steps include verifying users, validating devices and limiting access.
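
The three-two-one rule named in the list above is not spelled out in the interview; in its common formulation it means three copies of the data, on two different media types, with one copy off-site. The sketch below is an added example, not part of the interview or of any Verizon tooling: it audits a constructed backup inventory against that rule. The dataset names, site names and the `max_age` freshness window are assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class BackupCopy:
    dataset: str            # what is being protected
    media: str              # e.g. "disk", "tape", "object-storage"
    site: str               # where the copy physically or logically lives
    last_success: datetime  # last verified-good write (production copy: now)


def audit_321(copies, primary_site, now, max_age=timedelta(days=1)):
    """Return {dataset: [gaps]}; an empty list means the rule is met.

    A copy older than max_age (an assumed recovery point objective) is not
    counted: a backup job that has been failing silently does not help
    restore encrypted systems.
    """
    by_dataset = defaultdict(list)
    for c in copies:
        by_dataset[c.dataset].append(c)

    report = {}
    for dataset, items in sorted(by_dataset.items()):
        usable = [c for c in items if now - c.last_success <= max_age]
        gaps = []
        if len(usable) < 3:                       # three copies in total
            gaps.append("copies<3")
        if len({c.media for c in usable}) < 2:    # two different media types
            gaps.append("media<2")
        if not any(c.site != primary_site for c in usable):  # one off-site
            gaps.append("no-offsite")
        report[dataset] = gaps
    return report


# Constructed sample inventory (not real data).
NOW = datetime(2021, 10, 18, 8, 0)


def ago(hours):
    return NOW - timedelta(hours=hours)


INVENTORY = [
    # Meets the rule: production + local snapshot + off-site tape.
    BackupCopy("finance-db", "disk", "dc-sg", ago(0)),
    BackupCopy("finance-db", "disk", "dc-sg", ago(6)),
    BackupCopy("finance-db", "tape", "vault-offsite", ago(20)),
    # The cloud copy exists but its job last succeeded nine days ago.
    BackupCopy("file-share", "disk", "dc-sg", ago(0)),
    BackupCopy("file-share", "disk", "dc-sg", ago(2)),
    BackupCopy("file-share", "object-storage", "cloud-region-b", ago(216)),
    # Three fresh copies, one off-site, but all on the same media type.
    BackupCopy("hr-records", "disk", "dc-sg", ago(0)),
    BackupCopy("hr-records", "disk", "dc-sg", ago(3)),
    BackupCopy("hr-records", "disk", "branch-office", ago(5)),
]

if __name__ == "__main__":
    for name, gaps in audit_321(INVENTORY, "dc-sg", NOW).items():
        print(f"{name:12} {'OK' if not gaps else ', '.join(gaps)}")
```
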