editor’s question

ROB HOLMES, VICE-PRESIDENT OF EMAIL SECURITY, PROOFPOINT

Given the breadth and diversity of the landscape, there isn’t a silver bullet but there are a number of measures that companies should consider in order to bolster their protection against BPC attacks. Budgets are often limited and the number of attack vectors is vast, so there has to be a level of prioritisation of which business processes need to be hardened and how. This prioritisation should be a function of the value/risk of the process combined with its vulnerability to abuse/compromise. Some business processes (e.g. the transfer of funds) are of huge value/risk to all companies; others (e.g. engineering/production) are company-specific.

Most importantly however, processes that are people-dependent are more vulnerable since people are prone to social engineering attacks; compromises to technical processes may be more pernicious but may only be achieved with a greater level of technical sophistication. Determining the biggest risks is a vital step; however, mitigating the attacks themselves requires a combination of strategies.
Businesses should ensure that they are able to authenticate entities, people and devices that provide inputs into the business processes.

If actions are taken and decisions made based on instruction/input from an entity whose identity has been spoofed, business processes can be easily compromised. Companies should ensure that entities involved in the process are authenticated before their input into the process is trusted.
Once an account has been compromised however, no amount of authentication will thwart the cybercriminal. Therefore, companies should both monitor downstream for anomalous behaviour and prevent account compromises upstream. Given that most account compromises happen as a result of phishing and credential theft, companies can harden their defences against these attacks through robust detection and blocking of these threats coming through email.
As a last line of defence, businesses should look to strengthen the security of both their data and people. Encrypting sensitive information at rest and in transit will help prevent man-in-the-middle attacks where cybercriminals intercept and alter key data inputs that inform a business process, and a well-trained, savvy employee can be the crucial missing piece in thwarting a human-targeted social engineering attempt.

Finally, business processes frequently involve third parties, so businesses need to be vigilant with any external partners to ensure that they too adhere to the necessary security standards to ensure that the entire business process cannot be compromised.
Issue 10 | www.intelligentciso.com