How to Improve Business Security With Technology

Having anti-virus software DOES NOT give you a free pass against phishing threats.  They do not prevent your users from falling for sophisticated social engineering attacks. No amount of legacy anti-virus software can stop an employee from entering their Office 365 credentials into a devious phishing site.  Or keep an executive from approving a multi-million dollar fraudulent transaction.  Phishing has evolved way beyond just malware delivery. Increasingly, it's a complex, multi-vector con job targeting your most important asset - your people.  Phishers don't always need an infected device to succeed; just uninformed recipients. Here are 4 steps you can take to mitigate risks:   1. 𝐄𝐦𝐩𝐥𝐨𝐲𝐞𝐞 𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠 𝐚𝐧𝐝 𝐀𝐰𝐚𝐫𝐞𝐧𝐞𝐬𝐬 𝐏𝐫𝐨𝐠𝐫𝐚𝐦𝐬: Regular training sessions with mock phishing scenarios can help employees recognize and avoid phishing attempts. This is crucial as phishing attacks often rely on tricking users into giving away their information. 2. 𝐃𝐲𝐧𝐚𝐦𝐢𝐜 𝐎𝐛𝐟𝐮𝐬𝐜𝐚𝐭𝐢𝐨𝐧: This is a technique where the information presented to potential attackers is constantly changing, making it difficult for them to gain a foothold. It can be particularly effective in protecting against phishing attacks that rely on gathering information about the system or the users. 3. 𝐏𝐡𝐢𝐬𝐡𝐢𝐧𝐠-𝐑𝐞𝐬𝐢𝐬𝐭𝐚𝐧𝐭 𝐌𝐮𝐥𝐭𝐢-𝐅𝐚𝐜𝐭𝐨𝐫 𝐀𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐢𝐨𝐧 (𝐌𝐅𝐀): While MFA is a common recommendation, using a phishing-resistant MFA adds an extra layer of security. This could involve using hardware tokens or biometric data, which are much harder for a phishing attack to replicate. 4. 𝐈𝐧𝐯𝐞𝐬𝐭 𝐢𝐧 𝐚 𝐂𝐨𝐦𝐩𝐫𝐞𝐡𝐞𝐧𝐬𝐢𝐯𝐞, 𝐌𝐮𝐥𝐭𝐢-𝐋𝐚𝐲𝐞𝐫𝐞𝐝 𝐄𝐦𝐚𝐢𝐥 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐒𝐨𝐥𝐮𝐭𝐢𝐨𝐧: Invest in a comprehensive, multi-layered, anti-phishing security solution that covers all aspects of your business. That means adding a specialist cloud email security solution like MailGuard, to your email security stack.   Modern phishing protection must blend cutting-edge technology with comprehensive security awareness.  Believing otherwise is the real virus that can leave you vulnerable.

Why Multi-Factor Authentication (MFA) Alone Isn’t Enough MFA is an essential layer of defense to safeguard accounts and systems—but it’s not a silver bullet. Cybercriminals continue to innovate, using tactics like social engineering, phishing, and device compromises to bypass MFA protections. A recent DarkReading article, "Researchers Crack Microsoft Azure MFA in an Hour", highlights just how vulnerable MFA can be against determined attackers. (article: https://lnkd.in/eyDwbH4Z) As we approach 2025, it’s imperative for business leaders to actively engage with technology and security teams to ensure that authentication strategies evolve to address these growing threats. Here are five key questions to ask your teams to ensure a comprehensive and user-centered security approach: ✅ How do we leverage adaptive authentication for smarter risk detection? Ask for real-world examples where adaptive authentication identifies unusual user behavior or location-based risks to thwart threats. ✅ How do we implement 'trust but verify' post-login? Request a walkthrough of continuous authentication, exploring tokenized access, device verification, and real-time risk evaluation to maintain security without compromising user experience. ✅ What are our 2025 plans for ongoing user education on social engineering? The old practice of phishing tests followed by "gotcha" moments is outdated. Instead, empower employees with training to recognize and prevent manipulation attempts. ✅ Are we enhancing monitoring with behavior-based analytics? Behavioral analytics can flag anomalies before they escalate into breaches, offering a proactive defense mechanism. ✅ Should we add stronger MFA layers for high-risk areas? Evaluate options like FIDO2 security keys for executives or IT teams. These keys are more resistant to phishing and other interception attacks, offering advanced protection where it matters most. Cost Considerations Implementing and enhancing MFA involves investments in several areas: Hardware & Licensing System Updates: Custom development or updates may be required to integrate advanced MFA methods into legacy systems. Training & Support: Equipping end users and help desk teams with the skills to implement and troubleshoot MFA effectively ensures smooth adoption. While MFA is not a plug-and-play solution, it remains a critical component of a layered defense strategy. With thoughtful planning, budget allocation, and strong executive backing, MFA—paired with adaptive authentication, behavior-based monitoring, and advanced tools like FIDO2 keys—can significantly reduce the risk of cyberattacks and insider threats.

Every month I pick a topic for a really short write-up that I put at the top of a weekly update email I send out to some of my customers. I figured I'd start sharing that monthly topic here as well each month. Without further ado... Top 5 Security Tips for Every Organization Security is a huge complex topic, but I wanted to share 5 things at minimum every organization should be thinking about for their security posture. Require strong authentication - Think about MFA and ideally phishing resistent methods like certificate-based, hello for business, passkeys/FIDO2. Less is more - Practice least privilege and just-in-time access. Humans shouldn't be touching production systems except in exceptional circumstances. Permissions should only be the minimum required for the task (both human and service accounts/managed identities) and for humans elevate up to privileged permissions for limited time when needed. Less is more also applies to connectivity, only have the minimum required connectivity between systems and networks. Stay current - This applies to updates on operating systems, runtimes, applications, anti-malware, agents etc WHILE ENSURING YOU FOLLOW SAFE DEPLOYMENT PRACTICES, i.e. don't just update everything at the same time. Use staged deployments to build confidence (as discussed at https://lnkd.in/ghR76sTw). Have isolated backups - Have separtely secured backups that require different credentials to access. For example in Azure Backup you can use Resource Guard, immutable vaults). Stay informed - This applies to everyone. As security practioners understand the threats that exist and how to protect. For your users help them be aware of common threats they can be vigilant for and where possible help protect them. For a more detailed set of guidance see https://lnkd.in/gRyMrzZx. Stay safe out there!

🔬 Comparing 2023 vs 2024 CVE numbers. Total CVE count grew 14.1% from 29084 in 2023 to 33201 in 2024. Microsoft CVEs grew 13.6% from 11575 in 2023 to 13150 in 2024. Linux  + RedHat CVEs grew 142.3% 🤯 from 3,650 in 2023 to 8,847 in 2024. Apple  CVEs decreased 6.1% from 1589 in 2023 to 1492 in 2024. Given the significant increase in CVE numbers, particularly the dramatic rise in Linux + RedHat vulnerabilities, it's crucial for organizations to enhance their cybersecurity measures. Here are some steps to take going into 2025: 🔎Vulnerability Assessment: Conduct comprehensive vulnerability assessments across all systems, with a special focus on Linux and RedHat environments. Utilize tools that can scan for both known and zero-day vulnerabilities. 🩹Patch Management: Prioritize the patching of vulnerabilities, especially those listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Ensure that all patches for Microsoft, Linux, and RedHat systems are applied promptly. 👨💻Update Software and Systems: Regularly update all software, particularly operating systems and applications from Microsoft, Linux, and RedHat, to the latest secure versions. Consider automating updates where possible to reduce human error. 🧑🎓Security Training and Awareness: Increase staff awareness through training sessions about the latest threats, particularly those related to the increased CVEs. Focus on the importance of timely updates and secure practices. 🚨Incident Response Planning: Review and update your incident response plan to include specific procedures for dealing with exploits related to new CVEs. Conduct drills to ensure preparedness. 📊Monitor and Analyze: Implement or improve systems for continuous monitoring of your network and systems for anomalous behavior or signs of exploitation. Use threat intelligence to stay ahead of potential attackers. Engage with Security Communities: Stay engaged with cybersecurity communities, subscribe to security bulletins from vendors like Microsoft, RedHat, and Apple, and participate in forums or groups where vulnerabilities are discussed to keep abreast of emerging threats. 🔎Review Vendor Security Practices: For organizations using Microsoft or Linux/RedHat products, review the security practices of these vendors. Understand how they handle vulnerability disclosures and patching processes to align internal policies accordingly. 🦺Consider Cybersecurity Insurance: Evaluate whether your organization could benefit from cybersecurity insurance, especially given the rise in vulnerabilities which might increase the risk of a security incident. By taking these actions, organizations can better protect themselves against the growing number of vulnerabilities, ensuring that their systems remain secure even as threats evolve. #infosec #cyber #security

The 2025 Verizon Business Data Breach Investigations Report (DBIR) is here, and it delivers critical insights into the shifting cybersecurity landscape. For Enterprise and Public Sector business decision-makers, understanding these trends is crucial for protecting your organizations and the communities we serve. Here are some key findings from the report that rose to the top for me: - Exploitation of Vulnerabilities Surges: A 34% increase in vulnerability exploitation, with a focus on zero-day exploits targeting perimeter devices and VPNs, demands heightened vigilance and proactive patching strategies. - Ransomware Remains a Persistent Threat: Ransomware attacks have risen by 37%, now present in 44% of breaches. Enterprise and Public Sector entities must bolster their defenses and incident response capabilities. - Third-Party Risks Double: Breaches involving third parties have doubled, highlighting the critical importance of supply chain security and robust vendor management programs. - Espionage-Motivated Attacks Rise: We're seeing an alarming rise in espionage-motivated attacks in sectors like Manufacturing and Healthcare, as well as persistent threats in Education, Finance, and Retail. Public Sector entities are also at risk. - Credential Abuse Continues: Credential abuse remains a leading attack vector, emphasizing the need for strong authentication, multi-factor authentication, and continuous monitoring. For Enterprise and Public Sector organizations, these findings underscore the need for a multi-layered defense strategy, including: - Robust Vulnerability Management: Implement timely patching and vulnerability scanning. - Enhanced Security Awareness Training: Address the human element and reduce susceptibility to social engineering. - Strengthened Third-Party Risk Management: Thoroughly vet and monitor vendors and partners. - Advanced Threat Detection and Response: Invest in technologies and processes to detect and respond to threats quickly. The 2025 DBIR provides actionable insights to help us navigate these challenges. To dive deeper into the findings and learn how to enhance your organization's security posture, visit: https://lnkd.in/eXdHUYVM #Cybersecurity #DataBreach #EnterpriseSecurity #PublicSector #DBIR #Ransomware #ThreatIntelligence #VerizonBusiness #PublicSectorSecurity Verizon Jonathan Nikols | Daniel Lawson | Robert Le Busque | Sanjiv Gossain | Maggie Hallbach | Don Mercier | Chris Novak | Alistair Neil | Ashish Khanna | Alex Pinto | David Hylender | Suzanne Widup | Philippe Langlois | Nasrin Rezai | Iris Meijer

I keep hearing the owners of different small and medium businesses say that they aren’t a target for Internet crooks. After all, the only thing you hear about on the news are attacks on big companies. The reality is that those smaller businesses don’t make the news because their breaches aren’t big enough to elbow out other news stories. Not because they don’t happen. Kudos to Tom's Hardware for thinking that the shuttering of a 150+ year old company due to a ransomware attack, and the loss of 700 jobs, was a story worth telling. The story also reinforces why multifactor authentication, and password complexity requirements, are so critical. If your business is like theirs, you should really consider stepping up your security. You WILL be attacked. It’s only a matter of time. Stronger security, coupled with enhanced resiliency and training, is the key. If you’re looking for a place to start, start by putting in place multifactor authentication on all your user accounts. Then implement the fifteen requirements here: https://lnkd.in/eZuYgatu. They are the same requirements the government expects to be in place by any business that supplies goods or services to the government. While far from perfect, they represent a very achievable step in the right direction. And when you’re done with those, turn your attention to the requirements here: https://lnkd.in/emmgY-gW. Your previous work will lay a good foundation for everything you’ll do there. The article also says “Moreover, it was mused that companies should have a regular independent cyber-audit to ensure a minimum standard of cybersecurity hygiene.” Matthew Titcombe and I couldn’t agree more. https://lnkd.in/e3Mfn3me #cyber #infosec #informationsecurity #cybersecurity #FAR #DFARS