IT Security Guru

What Harry Potter Teaches us about Constant Vigilance and Insider Threats

Harry Potter and the Computer Virus

by The Gurus
November 8, 2019
in This Week's Gurus
Threat Detection

The character of Mad-Eye Moody in “Harry Potter and the Goblet of Fire” preached “constant vigilance” against dark wizards, even as he was a villain in disguise. The real Mad-Eye Moody had been kidnapped and locked in a trunk for an entire year, while an imposter assumed his form and took on his role as the defence against the dark arts teacher at Hogwarts School of Witchcraft and Wizardry. Not only was he an imposter but he was a dark wizard, one of Lord Voldemort’s most loyal followers, determined to take Harry out and restore Voldemort to full power.

 

“Constant vigilance” is sage advice for businesses too. With the threat of malicious insiders, undetected attackers moving around a network and other risks to mitigate, there is no “one-and-done” solution in security. Industry research such as the 2018 Verizon Data Breach Investigations Report (DBIR) helps the collective community keep an eye on trends and glean insights from lessons learned to get ahead of potential vulnerabilities before they become problems. A few key trends identified in the report caught my eye.

 

While the report indicates that 78 percent of people didn’t click on a single phishing link all year (which is promising news), phishing and pretexting remain popular attack methods. Attackers only need one employee to click a link and open the door for the attacker to enter. Once an attacker has stolen credentials, they can manoeuvre within the network, escalating levels of privilege until they have the access they need to wreak the havoc they intend.

 

The report’s emphasis on education (making sure that employees are trained to identify and report social attacks such as phishing) is one important line of defence. Knowing what to look for is half the battle. However, it is imperative to have a strategy beyond education that prioritises privileged access security. It remains just as important now as in recent years to practise least privilege principles along with privileged access management. Together, these provide businesses with a dramatically reduced attack surface. A focus on privileged access security hygiene is also critical for an effective cyber security program. Tactics such as multi-factor authentication, vaulting and rotating sensitive credentials can help protect powerful accounts within the organisation.

 

In manufacturing, notable trends include targeted attacks and intellectual property theft. According to the report, cyber espionage accounted for 31 percent of all breaches in manufacturing. This number is down from last year, but cyber espionage remains a very real threat to the industry. Attackers go after manufacturing targets with a specific purpose in mind, choosing victims with valuable trade secrets and intellectual property. Once this sensitive information has been exfiltrated, competitors can use it against the victim on the market. This is a different approach from directly siphoning funds, but it still ultimately results in financial gain for the attackers.

 

In the healthcare industry, the story of the year (keeping in line with previous years) is not just about outside attackers, but about insiders as well. Ransomware remains prevalent, though not at the constant onslaught that many people perceive. According to the report, most companies receive malware on six or fewer days a year. However, it only takes ONE successful ransomware attack to bring an organisation to its knees. And while the security industry tends to focus on data being stolen by outside attackers, it’s important to pay attention to what is going on within the organisation as well. This year’s report indicates there are many cases in which employees are misusing their accounts, whether intentionally or by accident. As such, employees with access to data beyond their role within the organisation can become problematic.

 

Also within healthcare, the report notes that employees sometimes misuse their credentials to access information they do not need in order to accomplish their tasks. For example, employees might search for a celebrity patient’s records out of curiosity, or “just for fun.” This type of activity underscores the importance of following least privilege principles, coupled with application control, as well as implementing privileged session monitoring capabilities. For even without malicious intent, the misuse of credentials can be just as damaging as stolen credentials, causing compliance and regulatory violations.

 

In the wizarding world, posting Dementors at the gates and hoping for the best simply isn’t enough, particularly considering the number of times Lord Voldemort and his cronies managed to break through the castle walls, sometimes even completely undetected. But cyber security is not magic. It takes strategy, planning and collaboration to reduce cyber security risk. Not only must we be able to recognise the attackers outside the organisation, but we must also guard against overreaching scope and prevent seemingly innocent employees from becoming the attacker within. “Constant vigilance” includes protecting privileged access from the dark wizards of the cyber world.
