“President Obama in talks with Russian Leaders.”
“Global flu pandemic concerns reach all time high.”
As Internet users become more attuned to well-known spamming and phishing attacks, cyber criminals have to invent new ways to lure them into opening a malware-laden email or clicking on a link that goes to a malicious website. As an avid newsreader, I know I’d be much more likely to click on one of the above headlines than on an email of cute kitten pictures.
Unfortunately, the truth remains that individuals are a weak link in the battle against cyber criminals. Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
The 2013 Verizon Data Breach Investigations Report finds that sending just three emails per phishing campaign gives the attacker a 50 percent chance of getting one click. With six emails the success rate goes up to 80 percent and at 10 it is virtually guaranteed. Social media helps spur success, enabling cyber criminals to gather information about us so they know how to more effectively entice targets to click on that malicious email.
We know that security as a people problem is not going away anytime soon, and the advent of the Internet of Everything is going to make this even more of a problem. Not only will users be able to inadvertently expose their systems to malware from their laptops and tablets, they will also be able to click on links from their smartwatches, cars, etc. It won’t take long once that malware is on their device for it to proliferate across the entire network and any connected devices, simply from a seemingly trusted news link sent from a “friend’s” email address.
In order to address this growing concern, we need to move beyond securing devices and data to addressing the people and process aspects of this problem via education. Organizations must recognize this gap in their security and implement internal programs to ensure users know how to recognize and cease to click on potential malware. They must also understand when and how to inform the organization of any suspicious occurrences so future attempts can be minimized and/or blocked. Raising awareness and offering simple suggestions such as hovering over a link without clicking to view the intended URL, or not opening attachments you didn’t request, can go a long way in the fight against cyber attacks.
Even with the best of education, malware will still make its way onto the network. Organizations need security solutions that couple visibility and control to help protect against these inevitable attacks.
You can’t protect what you can’t see. You need comprehensive visibility into the devices, users, applications and systems that connect to your network day in and day out with the right context. Security solutions that have contextual awareness can see and intelligently correlate extensive amounts of event data related to IT environments—applications, users, devices, operating systems, vulnerabilities, services, processes, network behaviors, files and threats. They can also correlate that local data with global intelligence for even greater insights. This correlation provides the context needed to make more informed decisions. To turn those decisions into immediate action and protect your organization from today’s advanced threats, security solutions must be able to give you control to automatically and flexibly tune and enforce policies across the entire network.
Attackers are learning from each attack to increase their chances for success. As defenders, we need to do the same. Education is an essential component of any well-rounded security strategy. When combined with visibility and control, it can help minimize cyber attacks and protect our networks, even from the actions of well-intentioned news junkies.
Marc Solomon, Cisco’s VP of Security Marketing, has over 15 years of experience defining and managing software and software-as-a-service platforms for IT Operations and Security. He was previously responsible for the product strategy, roadmap, and leadership of Fiberlink’s MaaS360 on-demand IT Operations software and managed security services. Prior to Fiberlink, Marc was Director of Product Management at McAfee, responsible for leading a $650M product portfolio. Before McAfee, Marc held various senior roles at Everdream (acquired by Dell), Deloitte Consulting and HP. Marc has a Bachelor’s degree from the University of Maryland, and an MBA from Stanford University.Previous Columns by Marc Solomon:News Junkies Make Great TargetsTaking Aim at the Energy Sector: Three Steps to Defend Against a Rising Number of AttacksWhat do Malware and Mosquitoes Have in Common? More than You Might Think.The Open Source (R)evolution: From Great Technology to Greater IntelligenceFor Cyber Security Professionals, is the Concept of Control a Pipe Dream?
Tags: INDUSTRY INSIGHTS