Intelligent CISO Issue 86 | Page 28

EDITOR’S question

DAVID MORIMANNO, DIRECTOR OF IDENTITY AND ACCESS MANAGEMENT TECHNOLOGIES, XALIENT
From a threat actor’s perspective, identity is a key jewel as it leads to access to valuable data. This makes it a common and sought-after attack vector – after all, it’s a lot easier to unlock a door and walk in rather than break down its defences.

The challenge with social engineering and phishing campaigns is that they are becoming increasingly convincing, even stepping beyond emails and texts to voice and video calls with the help of AI. The constantly developing threats mean employee training must be regular and kept up-to-date.
Additionally, as the lines between our work and personal lives become increasingly blurred, we are generating more information that could be leveraged against us by threat actors. Posting pictures of children in school uniforms, regular coffee shop haunts, work trips and holidays is valuable Open-source Intelligence (OSINT) that can inform convincing social engineering campaigns.
Social media information can be cross-referenced with LinkedIn profiles, allowing attackers to craft convincing scams. For example, an attacker might impersonate a school reporting an emergency involving a child and redirect the parent (employee) to a fake portal. While the sophistication has developed, the actual themes are not new. Attackers often rely on urgency, fear or authority to garner a response.
To effectively combat this, a culture of verification is required. Employees should be encouraged to double check email addresses, hang up and call back using known numbers, and verify unexpected requests. This, in combination with training, can create awareness around fraudulent campaigns and mitigate the risk of their success.
Furthermore, Zero Trust Network Access (ZTNA) would assist in mitigating the risk of campaigns that slip through the cracks of the training, reducing the threat actor’s ability for lateral movement once within the network. There is also a risk that a social engineering campaign be so realistic that an employee becomes compromised by ransom, and rather than click any links or share any information, they are manipulated into enacting the threat actor’s will to target the organisation.
Along with restricting access to non-essential information, ZTNA can leverage behavioural analytics to determine when an approved identity is behaving in an unusual way, and block access. To round out this defence, endpoint detection and response (EDR) and identity threat detection and response (ITDR) should also be deployed to identify suspicious activity on devices, contain threats early and provide telemetry for incident response.
Layering user awareness, identity controls, and intelligent access monitoring ensures organisations are not just defending the perimeter – but the people within it too.