decrypting myths
Adenike Cosgrove – Biography
Adenike Cosgrove is VP Cybersecurity Strategy EMEA at Proofpoint . Prior to joining Proofpoint , Ms . Cosgrove was global product marketing lead for Email Fraud Protection at Return Path , a division acquired by Proofpoint in the summer of 2016 . Earlier in her career , Ms . Cosgrove worked as a lead EMEA advisor to security and risk professionals for Forrester Research and Canalys , where she developed a deep understanding of CISO challenges , and helped clients with their cybersecurity strategies .
Ms . Cosgrove is a regular speaker at key conferences including the Gartner Security & Risk Management Summit in the US and Japan , the Fortune Brainstorm conferences , the Evanta CIO Executive Summit , it-sa Germany , ISMS Spain and Hacking Human Nature live . Ms . Cosgrove ’ s subject matter expertise has also been featured in The BBC , Business Reporter , Computer Business Review , Computing , Forbes , Intelligent CISO , SC Magazine UK , The Telegraph , GovInfo , and iTWire .
Recently recognised as one of the UK ’ s Most Inspiring Women in Cyber 2020 , Ms . Cosgrove was also named a finalist at the Computing Security Excellence Awards 2020 in the Security Woman of the Year category .
What are the key priorities for IT security decision-makers when creating a holistic approach to data loss prevention ?
There is no silver bullet for data loss prevention . However , one key focus area for CISOs today should be identity theft , which is a growing threat in today ’ s digital landscape . In fact , Proofpoint ’ s 2023 State of the Phish report revealed that 43 % of UK organisations reported credential theft and account compromise in 2022 .
Threat actors now realise it ’ s more effective , faster and cheaper to steal credentials and log in than trying to hack through technical controls . Once they have siphoned access details from just one employee , they move laterally , stealing even more credentials , escalating privilege , compromising servers and endpoints and downloading sensitive organisational data – it ’ s now far too easy for an attacker to turn one compromised identity into an organisation-wide ransomware incident or data breach .
The first step is to stop the initial compromise . This is where a robust email security strategy is crucial . From Business Email Compromise ( BEC ) attacks , cloud account takeover or cybercriminals using trusted third parties to compromise the organisation through their supplier , an initial email can lead to compromise . After initial compromise , they have access to your domain , giving them access to email accounts and the ability to commit fraud .
At this point , organisations need to implement technology to identify and respond to compromised users and remove what attackers need to complete their crime : privileged account access . A unique approach to identity threat detection and response ( ITDR ) will help organisations remediate privileged identity risks and understand the potential ramifications of compromise , such as access to critical data and intellectual property .
What are the drawbacks of trying to use legacy threat and data loss prevention solutions with today ’ s threat scenarios ?
The challenge we face with legacy DLP solutions are that they are datacentric . They may understand the type of data , where it resides and how it moves but this misses an important part of the puzzle – insights into behaviour and threat context . This leaves organisations struggling to formulate an adequate response to a compromised user or identity .
A modern DLP solution overcomes this issue by adapting its detection , prevention and response to a user ’ s risk level and to the sensitivity of that data that ’ s being accessed . This tailored approach is particularly important for insider threats , the cost of which has increased by 34 % between 2020 and 2022 , now standing at US $ 15.38 million .
Legacy DLP may spot suspicious activity , but it provides no behavioural awareness before , during or after risky data movement . In other words , legacy tools can ’ t help you answer the full context of ‘ who , what , where , when and why ’ behind an alert – while they may identify the ‘ who ’, the alerts may be misleading and make it appear that it is a legit employee , whereas it could in fact be an external attacker who has gained control . The result is security teams overburdened with alerts , decisions made without factoring in risk and minimal insight into the complete picture .
Why are today ’ s top cybersecurity risks people-centric and can you give some examples of these types of attacks ?
Cybercriminals have been targeting people for some time now . People are the key to access ; threat actors know this and leverage them accordingly .
Let ’ s take ransomware as an example . Ransomware attacks frequently
68 www . intelligentciso . com