Skip to main content

Understanding cyber risk and the C-Suite

cyber attackThe threat landscape for businesses has evolved significantly in recent years, with cyberattacks becoming more sophisticated and frequent. As a result, cybersecurity has become a top priority for organisations of all sizes, and the C-suite, including CEOs, CFOs, CIOs, and CISOs, plays a critical role in managing and mitigating cyber risk.

The State of Email Security, a report published by Mimecast, a leading email security provider, sheds light on the challenges faced by the C-suite in safeguarding their organisations against email-based cyber threats.

Email remains the primary communication tool for businesses, but it also poses significant security risks. From phishing attacks and ransomware to business email compromise (BEC) and insider threats, email-based attacks can have devastating consequences for organisations, including financial loss, reputational damage, and legal liabilities.

Read more …Understanding cyber risk and the C-Suite

  • Hits: 524

Managing the insider risk is extremely complicated

John j2The risk from malicious insiders has long been a priority for CISOs and has now become a top priority for other executives and board members. Employees require access to sensitive information, but heavy-handed approaches using complicated and static rules can frustrate users. This hampers productivity and leads users to search for workarounds that can also put data at risk.

Employees, contractors and partners understandably have concerns about what activity is monitored. They have questions about what data may be in scope or out of scope. More importantly, users may wonder how these monitoring systems may be biased against them and intrude on their personal privacy.

There’s one consistent and prevalent security gap in every digital enterprise in the world. Regardless of the industry, whether it’s financial, healthcare, residential or logistics, the common denominator remains the same: the human element.

Read more …Managing the insider risk is extremely complicated

  • Hits: 657

Trying to catch the big phish

In a profit-driven, ethically-unconstrained criminal enterprise like phishing it is not surprising that threat actors have evolved to match the times. Rather than focus on techniques, this article will discuss how phishing applications have changed to match new security standards.

Only 22% of Microsoft clients have adopted two-factor protection, so the traditional phishing attacks are still effective against most small to mid-sized operations. In the case of the enterprise client, we are seeing a transition towards phishing attacks that can seamlessly target two-factor protected accounts.

In a Proofpoint survey (www.securitysa.com/*phish1), 83% of organisations said they experienced a successful email-based phishing attack in 2021, versus 57% in 2020. That equates to a 46% increase in organisations hit with a successful phishing attack last year.

Read more …Trying to catch the big phish

  • Hits: 532

You have a ‘super malicious insider’

There’s a super malicious insider who is technically proficient and often acutely aware of an organisation’s technical limitations in proactively detecting insider threats. This is according to Dtex System’s 2022 Insider Risk Report that is based on real investigations and data collected by the Dtex Insider Intelligence and Investigations (i3) team throughout 2021.

Read more …You have a ‘super malicious insider’

  • Hits: 610

Protecting your workforce

The workforce is any organisation's greatest asset but also its biggest risk. It has never been more important to protect employees from exploitation by external attackers, while also limiting the risk that they pose as trusted insiders.

The erosion of the cyber-perimeter and accelerated shift to virtual workforce models necessitate a new approach that baselines activities and behaviours and protects employees by highlighting anomalies. More importantly, employees have the right to know that personal activities and behaviours that don't directly increase organisational risk, cause cultural conflict, or limit successful operations, remain private and anonymous.

Read more …Protecting your workforce

  • Hits: 664