Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Friday, 3 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Is there a patch for my users?

by The Gurus
May 21, 2018
in This Week's Gurus
vulnerability
Share on FacebookShare on Twitter

Attackers love exploiting the naivety of users because it’s so easy.

All it takes is one successful phishing email to persuade just one user to hand over their organizations login details. Once that hacker gains entry to your systems, you’re not going to find out until it’s too late — your anti-virus and perimeter systems aren’t programmed to pick up on access using legitimate login details, giving snoopers all the time in the world to, well, snoop.

And if it’s not exploiting them, well then we can always rely on good old fashion ‘careless’. It was only recently that UK political leaders were publicly (and almost proudly) proclaiming their own particularly poor password habits on Twitter.

MP Nadine Dorries admits she regularly shouts the question “What is my password?” across the office, and after her being criticized on Twitter, MP Nick Boles defended her by agreeing with a journalist that password sharing is rife among MPs.

As much as it’s easy to poke holes in politicians’ hapless knowledge of IT security, the truth is that most employees within the business world share passwords too.

So while users remain the biggest threat to a company’s security, blaming employees is never the right route to take. Employers are (usually) human. They are careless, flawed and often exploited.

So, how are you supposed to spot inappropriate user access when it’s already been defined as appropriate?

 

Spotting the threat

Security must be there to protect users from both careless and malicious behavior and to protect the business from outsiders trying to gain access by pretending to be employees.

When you boil it down, the only way to really tell if someone is a malicious insider or an intent external threat actor is by allowing them to perform actions (such as launching applications, authenticating to systems, accessing data, etc.) and determine whether the actions are inappropriate.

But given the majority of your user population doesn’t act the same way everyday – let alone the next week or month – it makes more sense to spot the threat actor by looking at leading indicators of threat activity, rather than waiting for the threat activity itself.

One of the most accurate leading indicators is one no malicious insider or external threat actor can get around – the logon (local, remote, via SMB, via RPC, etc.). Endpoints require logons for access, lateral movement of any type requires authentication to access a target endpoint, and access to data first requires an authenticated connection.

The leveraging of Logon Management solutions provides organizations with not only the ability to monitor logons and identify suspicious logon activity, but to also craft logon policies to limit the scope of account use and automatically shut down access based on inappropriate logon behavior. By using the contextual information around a user’s logon (origin, time, session type, number of access points, etc.) genuine logins become useless to would-be attackers.

So, while there might not be a patch for the user quite yet, keep in mind that you do have a foolproof way to make sure authenticated users are who they say they are, identify any ‘risky’ user behavior and put a stop to it before it ends up costing you capital, customers and your company’s reputation.

To read more about external attacks and how to detect and stop them, read our latest whitepaper “Stopping the External Attack Horizontal Kill Chain”.

 

FacebookTweetLinkedIn
Tags: CybersecurityTechnology
ShareTweetShare
Previous Post

New Phishing Attack Will Drain Your Bank Account

Next Post

CensorNet research: almost half of UK employees put companies at risk through online activities

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information