This is part of our Cybersecurity Awareness Month (#CSAM) expert insights blog series.
National Cyber Security Awareness Month 2021 is a time to reflect on the major technological and lifestyle shifts brought on by the pandemic and their security implications. Remote work unexpectedly became the norm in 2020, and as we close out 2021, the hybrid work model may be here to stay for decades to come. But with the recent operational changes to how we work come major security changes.
Tyler Farrar, CISO, Exabeam, elaborated on what he feels organizations need to keep in mind this #NCSAM:
"These changing approaches to work have caused security leaders and their teams to balance what’s necessary to keep sensitive company data and assets safe and secure in organizational landscapes that no longer have a security perimeter. People are everywhere now. Meanwhile, adversaries are growing more sophisticated by the hour. Critical infrastructure organizations like Colonial Pipeline, agriculture organizations like New Cooperative and tech firms like Kaseya and Olympus being targeted by cybercriminal groups are hitting the headlines on a near-weekly basis. How can security teams keep up with the barrage of attacks and network perimeter shifts?
Rather than retreating back to legacy methods and previous strategies, companies must #BeCyberSmart and tackle modern threats head on. It’s critical to highlight that compromised credentials are the reason for 61% of breaches today. To remediate incidents involving user credentials and respond to adversaries, organizations must consider an approach that is closely aligned with monitoring user behavior to get the necessary context needed to restore trust, and react in real time, to protect employee accounts. This should include the ability to understand what normal looks like in your network, so when anything abnormal occurs, you can immediately detect it and prevent it from causing harm or damage to your organization.
Employees must also play a role. Security teams that shake up their password protocols such as never using the same password twice, using password vaults and enabling multi-factor / adaptive authentication are winning against the adversaries. A combination of behavioral analytics and smart password practices can help employees, and their employers, stop credential-based attacks and adversarial lateral movement. Use this month to be sure you have the right threat detection, investigation and response (TDIR) technologies in place for yourself and your security teams."