Dark Reading is part of the Informa Tech Division of Informa PLC


Vulnerabilities / Threats

1/6/2021 10:00 AM
Zack Allen
Commentary

How to Protect Your Organization's Digital Footprint

As the digital risk landscape evolves and grows, organizations must stay vigilant against online threats.

In today's ecosystem, security teams must expedite digital transformation initiatives to ensure collaboration and productivity among remote employees while continuing to service clients. Correspondingly, the digital risk landscape continues to evolve rapidly, making it difficult for businesses to monitor external, unregulated channels for risks that affect their business, employees, or customers.

While the adoption of public platforms such as social media, websites, and mobile applications has enabled businesses to maintain relationships with customers, it has also provided new intrusion vectors. As the digital landscape expands, many consumers and employees are not aware of the full range of digital threats or how to mitigate them. Despite this growing landscape, phishing and fraud campaigns continue to be reliable and widely used tactics, which shows that security teams must keep focusing on addressing these threats effectively.

Security teams looking to mitigate digital risks and develop their digital risk protection plans can consider the following guidance.


Improve Awareness Training and Also Reward
One phished email can bring down an entire network: All it takes is a few milliseconds to misjudge an email, and suddenly malware finds its way to a company's endpoints. IT and security teams conduct employee training to prevent phishing attacks through email; however, phishing has expanded far beyond the traditional email setup.

Employees and consumers are falling victim to phishing attacks via social media, and other fraud campaigns have extended across digital channels. Improving employee training helps enterprises keep up with the ever-changing threat landscape. The accelerated adoption of social media, mobile apps, Web marketplaces, and other digital platforms by employees and customers is proof that the old-school ways of educating and building awareness are no longer sufficient.

Reward employees for making the right choices. Giving out digital swag to folks who routinely report phishing attempts creates a positive reinforcement cycle that often outlasts the impact of security awareness training.

Spot Vulnerabilities in Your Security Stack
Attackers' methods and techniques have advanced, and the platforms where they launch attacks have multiplied. Security teams can no longer rely on spam filters and email blockers to effectively address phishing and fraud attacks.

Consequently, teams should step back and evaluate the tools in their security arsenal. They need to ask themselves if their current solutions have adequate coverage for phishing links, text and image analysis, or visibility across social media, domains, the Dark Web, and beyond. Teams need to spot the gaps in their security stack before they become tomorrow's headline.

Know What Makes You Vulnerable
Waiting to take action until a security breach happens is a losing game. Security teams must recognize the individual vulnerabilities that cause an attacker to target their business and prioritize their security strategy around those vulnerabilities.

As digital transformation continues to change how businesses operate and implement new systems and procedures, security strategy development must be prioritized. Exposure can come from many avenues. For example, executives with large social media followings and digital financial services are popular targets because they represent lucrative avenues for attackers. Mapping an organization's digital footprint can help answer why a company may be a potential target of a phishing attack or fraud campaign, which in turn helps uncover possible lapses and determine where exposures lie.

Develop a Mitigation Strategy
While identifying phishing and fraud attacks is vital to any enterprise's survival and consumer trust, the other part is having a comprehensive mitigation strategy to reduce risk and disrupt threats. The type of attack, the target (e.g., employee, executive, data, customer), the platform, and the risk rating are all material to your strategy.

Mitigation strategies should focus on dismantling the attacker's infrastructure at its source. While blocking and spam filtering serve to address individual threats, they do little to thwart attackers from launching future attacks. By working with domain registrars to remove malicious sites and with social networks to disable fraudulent profiles and posts, security teams can disrupt an attacker's entire campaign more effectively. Effectively mitigating phishing and fraud campaigns is a group effort. Digital risk protection service providers can help alleviate the time and resources required to identify and react to risks, including working with platforms to have threats removed.

Looking Beyond
Every organization's ultimate goal is to protect consumers and their information while preserving revenue and credibility. The reliance on social, mobile, and digital channels to conduct business has created the perfect opening for threat actors. Organizations must take every precaution and protection measure possible to prevent and disrupt attacks. As the frequency of attacks rises, organizations need to stay vigilant in identifying and remediating online threats.

Zack Allen is the Director of Threat Operations at ZeroFOX, a global leader in digital risk protection. He is also President, Founder, and Board Member of the Security Practices and Research Student Association (SPARSA). Previously, he was a Senior Security Researcher for Fastly.