A good way to increase cybersecurity education is by making it relatable to employees ’ personal lives . For example , through campaigns such as ‘ how to stay safe from cyber scammers at Christmas ’. Although not work-related , employees will likely apply the knowledge they have acquired to protect their personal finances to a work environment . Despite greater education in schools , there is often a disconnect between school leavers and entering the world of work – much is quickly forgotten and the boundaries between work and home device usage become blurry .

We must also acknowledge that we cannot prevent all attacks . You can educate and educate , but employees are human , and errors will be made . Even if you raise awareness enough to stop 99.9 % of attacks , the 0.1 % still equates to thousands of attacks . So , while the first line of defence is certainly education , the second line is what happens when an attacker gets through . How can you mitigate the blast radius and reduce the impact of attacks ?

This is even more critical in hybrid and multi-cloud environments where the risk of breaches spreading is greater . It only takes one successful phishing attack to gain access to an organisation , and once attackers are in , the goal is to move to find sensitive data or assets .

As well as applying basic cybersecurity hygiene principals like anti-virus , patch management and identity and access management controls , the following measures can help build resilience against social engineering attacks :

• Place tighter controls on social media : Although often unpopular with employees , consider restricting access to certain , if not all , social media platforms within the business environment . Social media is an attractive target for attackers looking to gain information or find a way in , often because users are often less vigilant and more susceptible to scams via such platforms .

• Enhance detection capabilities : Endpoint Detection and Response ( EDR ) is a nonnegotiable when it comes to social engineering . Round the clock monitoring enables fast identification of abnormal behaviour and ensures that attacks can be identified and responded to as quickly as possible .

• Implement segmentation : Network segmentation is key to reducing the impact of attacks , as stated in the Cyber Assessment Framework ( CAF ). The goal of social engineering is to trick users into exposing data , spreading malware infections , or giving access to restricted systems . Technologies like Zero Trust Segmentation provide an easy and consistent way to apply segmentation to all environments , ensuring that those attacks that bypass EDR and other defences , are rapidly contained .

While the first line of defence is certainly education , the second line is what happens when an attacker gets through .

TREVOR DEARING , DIRECTOR OF CRITICAL INFRASTRUCTURE , ILLUMIO

WWW . INTELLIGENTCISO . COM 29