Why combating social engineering attacks requires a team sports approach

David Raissipour, Mimecast Chief Technology and Product Officer.

By the time you finish reading this article, it’s likely that someone within your organization will be the target of a social engineering attack.

That attack could come in the form of a spoofed email containing hidden malware. Or maybe a text message from an unidentified “customer service professional” asking for the company’s credit card number. Slack notification from “internal admin” requesting confidential VPN credentials. Maybe even a Zoom meeting invitation sent by a digital blackmailer masquerading as a friendly colleague.

All it takes is one mistake to put your organization at immediate risk.

Unfortunately, the above hypothetical examples are not mere exaggerations intended to paint a doomsday scenario to scare CISOs. They are clear microcosms of the complex and rapidly evolving cyber threat landscape – real-world events that typify the dangerous environment in which we live and work today.

The proliferation of social engineering attacks targeting the intersection of business communications, people and data is more prevalent than ever amid society’s shift to hybrid, cloud-based work models. Nearly every organization surveyed in our company’s State of Email Security 2022 report was the target of phishing attempts during the previous year, and most respondents also reported an increase in such incidents over the same period. Furthermore, according to the Federal Bureau of Investigation’s 2022 report, business email compromise attacks cost global organizations more than $43 billion as of June 2016.

Before we can make significant progress in the ongoing fight against cybercrime, a change in mindset is needed in both the public and private sectors. Trying to combat sophisticated threat actors with strained security teams operationalizing sprawling tools and isolated systems only adds another layer of complexity to the challenge at hand. Instead, enterprises must design their security frameworks around a holistic approach to team sports that combines the power of people, process, product and API partnerships into a unified front.

Embracing a team sport philosophy unlocks strength in numbers through universal alignment across the hybrid attack surface, paving clear paths to a stronger security posture that enables organizations to operate protected.

Empowering your people

Building an effective cyber security framework is not only about adopting innovative technologies and best solutions. Security is a human problem at its core. The countless systems that organizations manage are created by people, run by them and, above all, built to protect people. On the other hand, it is imperative to incorporate an intuitive architecture that effectively mitigates vulnerabilities caused by human error. An alliance of cyber-resilient teams, along with well-integrated solutions, provides the agility companies need to combat today’s threat actors.

That starts with placing a strong emphasis on empowering your teams, partners, suppliers and the C-suite. Mitigate attrition and fill the cybersecurity skills gap with AI and machine learning tools that streamline processes, automate repetitive tasks, and improve detection/response efficiency. Empower your workforce, as well as that of your partners and suppliers, to become strong cyber citizens through ongoing training to raise user awareness of email security and collaboration best practices. Support your C-suite in raising cyber readiness by instilling the appropriate expertise in your executive board and effectively articulating the correlation between cyber and business risk. You wouldn’t ask a CFO to create a corporate marketing strategy, so why leave the crucial task of developing a robust security framework to executives who don’t have extensive cybersecurity experience?

Simplifying your security environment

The rate of adoption of new security products and services is at an all-time high. According to Gartner, organizational spending on cybersecurity is poised to top $188 billion by 2023 — an 11.3% increase from 2021. That’s a reactionary response to accelerating cyber threats amid rapid digital transformation that, while well-intentioned, has created the huge problem of spread of tools across industries. On average, companies use between 60 and 80 tools in their portfolio, with some using as many as 140 tools.

The proliferation of tools is problematic because it adds complexity to already strained security teams. Every time a new solution is added to the stack, the analyst must learn how to implement, configure, and maintain it on the fly with minimal time to immerse themselves in the intricacies of the technology. Increased complexity leads to technology management being prioritized over risk management, which creates gaps and loopholes that allow social engineering attacks to bypass security teams undetected.

This increases the importance of prioritizing the adoption of tools that address specific hybrid attack surface vulnerabilities. Can the solution protect employees regardless of where and how they work? Does it simplify incident detection and response so that human analysts can be more productive? Is it interoperable with other systems to enable real-time threat data sharing and end-to-end visibility? These are questions that must be at the top of your mind.

Leveraging API Partnerships

A deep library of APIs and third-party integration is the third component of the team sports approach. For a simplified example, imagine the various components of a high-octane NFL offense built around an elite quarterback. If his offensive line can’t protect him in the pocket, he won’t have enough time to work his reads and find the open receiver. If his tight end fails to run the correct route, the wrong throw could lead to a costly interception. Even the best defender in the world can’t carry his team alone. All 11 players on the field need to work together to win matches.

The same goes for cyber security. Combating social engineering attacks requires integrated solutions that provide the right mix of prevention, detection and response processes at scale. Without interconnected tools and technologies that combine core security functions into a single, networked framework, it is nearly impossible for organizations to protect data throughout its lifecycle and emerge victorious over its malicious adversaries.

While the prevalence of social engineering attacks on hybrid workplaces will remain, the actions organizations take today will dictate their ability to operate securely tomorrow.

The Forbes Technology Council is an invitation-only community for top CIOs, CTOs and technology executives. do I qualify?

Leave a Reply

Your email address will not be published. Required fields are marked *