Intelligent CISO Issue 75 | Page 33

PREDICTIVE intelligence

Empowering vulnerable workplaces with phising-resistant MFA is key to email security

Geoff Schomburg , VP of APJ at Yubico , explains how empowering vulnerable workplaces with phishing-resistant MFA is crucial for effective email security . s organisations continue taking

A action to safeguard critical infrastructure and increase employee awareness of cybersecurity risks , phishing attacks targeting stolen login credentials through email or text continue to remain the top lucrative attack vectors for cybercriminals .

Now more than ever , the security of sensitive information from these attacks is critical , especially in workplaces where data flows freely and is accessed from various devices and shared workstations across different locations . Cybercriminals are capitalising on the vulnerabilities this scenario presents to infiltrate organisations , compromise their data and potentially impact their customers ’ data .
Phishing attacks pose a significant threat , and workplaces with shared workstations are especially vulnerable . The Verizon 2023 Data Breach Investigations Report stated that human-related factors influenced 74 % of breaches . Therefore , to fortify the security of services like email , workplaces should consider implementing phishing-resistant multi-factor authentication ( MFA ).
Understanding the phishing threat and risks to shared workstations
Phishing attacks are deceptive attempts by cybercriminals to trick individuals into revealing confidential information , such as usernames , passwords and financial details . The use of Artificial Intelligence makes these attacks even more convincing , often taking the form of seemingly legitimate emails , complete with the correct logos and sender names . Unsuspecting employees may click on malicious links or download harmful attachments , inadvertently granting attackers access to their organisation ’ s sensitive data .
Workplaces with shared workstations , such as coworking spaces , public libraries , hospitals , schools and universities , face unique challenges . The users of these spaces often access their email accounts and other online services from various devices , each with its own level of security . This variability in device security can create weak links in the cybersecurity chain , making it easier for phishing attacks to succeed .
In these shared workspaces , the devices available for use can vary significantly in terms of security . Some users might bring their own laptops , tablets or smartphones , which may or may not be adequately protected against phishing attempts . This inconsistency makes it challenging for these organisations to enforce uniform security policies for devices accessing their environment .
Shared workspaces often host a rotating cast of users , including freelancers , remote workers and temporary staff . This high turnover rate makes ensuring that every user is adequately trained on phishing threats challenging , leaving these organisations more vulnerable . It ’ s also not uncommon for users to share devices or login credentials , further compromising security efforts . This can lead to unintended exposure of sensitive information and an increased risk of falling victim to phishing scams .
Phishing attacks pose a significant threat , and workplaces with shared workstations are especially vulnerable .
Geoff Schomburg , VP of APJ at Yubico
WWW . INTELLIGENTCISO . COM 33