Intelligent CISO Issue 76 | Page 39

Feature

However, it’s crucial to recognise that none of these tools are foolproof. Phishing tactics are continually evolving, and some attacks will inevitably bypass even the most advanced defences. Therefore, investing in a strong human layer is essential to sustainably mitigate cyber-risks.
How do you suggest incorporating multi-factor authentication (MFA) into security frameworks to enhance protection against phishing?
Incorporating multi-factor authentication (MFA) into security frameworks is critical to improving protection against phishing. MFA requires users to provide two or more verification factors to access a resource such as an online account, workstation or database, significantly reducing the risk of unauthorised access even if phishing attempts capture one form of user credentials.
However, in 2022 we saw the arrival of ‘MFA bombing’. This is an excellent example of cybercriminals finding ways around technological defences by attacking the human layer. In the Uber hack, the attackers flooded employees with MFA requests until they got annoyed and gave up access out of frustration. Attackers have also invested in research to bypass MFA in more technical ways, such as using person-in-the-middle attacks to capture and replace MFA codes.
While MFA is an essential component of any security framework, it should not be considered a ‘silver bullet’. To increase its effectiveness, MFA should be integrated into a broader security strategy that includes educating employees about potential MFA-related attacks and encouraging them to remain vigilant.
Considering the evolving nature of phishing tactics, what strategies do you advise for staying ahead of emerging threats?
Organisations need to understand the importance of a security culture. I have already talked about the need to go beyond knowledge transfer and instead focus on empowering people to change their behaviour into secure habits. But all of this needs to be supported by an organisational culture that makes cybersecurity a top priority and a shared responsibility.
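One way a security team could spot the MFA push-flood pattern described in this answer from its authentication logs, as an added example that is not from the interview or any vendor's product; the log fields, result values, window and threshold are assumptions, and the events are constructed:

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample push-MFA events (timestamp, user, result). The field
# names and the result values are assumptions, not a specific vendor's schema.
SAMPLE_EVENTS = [
    ("2022-09-15T22:01:00", "alice", "timeout"),
    ("2022-09-15T22:01:40", "alice", "denied"),
    ("2022-09-15T22:02:15", "alice", "timeout"),
    ("2022-09-15T22:03:00", "alice", "denied"),
    ("2022-09-15T22:04:30", "alice", "timeout"),
    ("2022-09-15T22:05:10", "alice", "denied"),
    ("2022-09-15T22:06:05", "alice", "approved"),   # user gave in after the flood
    ("2022-09-15T09:00:00", "bob", "denied"),        # two isolated denials: benign
    ("2022-09-15T10:15:00", "bob", "denied"),
    ("2022-09-15T23:10:00", "carol", "timeout"),
    ("2022-09-15T23:10:30", "carol", "timeout"),
    ("2022-09-15T23:11:00", "carol", "timeout"),
    ("2022-09-15T23:11:30", "carol", "timeout"),
    ("2022-09-15T23:12:00", "carol", "timeout"),     # flood with no approval yet
]


def detect_push_flood(rows, window=timedelta(minutes=10), threshold=5):
    """Return {user: {"pushes": n, "approved_after_flood": bool}} for each user
    who received at least `threshold` unapproved pushes inside `window`.
    `approved_after_flood` marks the worst case from the text: the user
    eventually approved, so the resulting session should be treated as
    compromised and prioritised for response."""
    by_user = defaultdict(list)
    for ts, user, result in rows:
        by_user[user].append((datetime.fromisoformat(ts), result))

    alerts = {}
    for user, events in by_user.items():
        events.sort()
        recent = []           # unapproved pushes still inside the sliding window
        flood_seen = False
        for ts, result in events:
            if result == "approved":
                # An approval shortly after a flood is the "gave up" outcome.
                if flood_seen and recent and ts - recent[-1] <= window:
                    alerts[user]["approved_after_flood"] = True
                continue
            recent = [t for t in recent + [ts] if ts - t <= window]
            if len(recent) >= threshold:
                flood_seen = True
                entry = alerts.setdefault(user, {"pushes": 0, "approved_after_flood": False})
                entry["pushes"] = max(entry["pushes"], len(recent))
    return alerts
```

The threshold and window should be tuned against the organisation's own baseline of legitimate prompts, and an alert with `approved_after_flood` set warrants revoking the session rather than only notifying the user.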
Cybersecurity, the emerging threats, the latest hacks and what we learn from them should be a constant topic of conversation – not just for IT and security teams, but for all departments. Leaders must encourage conversations about security, be role models for secure behaviour and training, and create structures and processes that empower employees to practice secure behaviour.
We can’t solve the current cyberthreat landscape by just talking about cybersecurity from time to time. Cybercrime is a highly professionalised industry and cyberattacks are the biggest business risk of our time. We need to engage our people to mitigate these risks, so we need to build security cultures that empower them to do so.
In your experience, what are the key indicators or red flags that CIOs should monitor to identify potential phishing incidents before they escalate?
Every organisation needs content filtering to remove the deluge of spam before it hits inboxes or instant message channels. Filters on average catch 75% of incoming communication threats, removing them to keep time-wasting and malicious content away from staff. The content filter will do most of the heavy lifting in keeping the threats away from employees.
The next layer of control, the human layer, will receive any malicious emails or messages that do get through. It’s increasingly difficult for them to rely on traditional red flags such as misspellings, poor grammar, untrusted links or unexpected senders, as criminals use improved technology (including AI) to make their communications believable and convincing.
Therefore, users must also look at the sentiment of the communication and use it as an indicator. For example, is the communication pushing for an urgent response? Does it try to trigger you emotionally? Does it suggest that you operate outside an agreed process? These can be key triggers that should alert a user that something is wrong. Highly aware people are able to control their natural emotional response, take a step back and engage their critical thinking. By investing in this, your employees and their reporting behaviour can also become a strong key indicator of potential phishing incidents.