WEBINAR | A Deep-Dive into 2023 Cyber Threats
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
April 25, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
This week, National Cyber Security Awareness Month (NCSAM) focuses on accountability and responsibility within the information security space: “It’s Everyone’s Job to Ensure Online Safety at Work.” This theme underlines the importance of a communal effort to achieve strong security awareness within an organization – it takes a village.
“We must accept human error as inevitable – and design around that fact.” – Donald Berwick
People are naturally conditioned to be helpful and polite. Unfortunately, this innate characteristic does not play well into established cyber defense strategies, and cybercriminals have gainfully benefitted from it. The majority of executed cyberattacks come from the inside of an organization. Educating employees on how to respond to potential email-based attacks and other social engineering tactics, maintain successful operational security, stay on top of password management and actively use the implemented incident response and escalation plan can radically decrease an organization’s attack surface.
Being a security awareness advocate can occasionally feel like herding cats. You may feel that you are trying to push water uphill when you repeat, “trust, but verify,” but this concept is crucial to keep in mind throughout your daily doings. On the bright side, maintaining a thorough and concise security policy, while avidly reinforcing employee awareness training, can successfully ease the confusion and obscurity of security policies that many professionals face today. Organization-wide security training and compliance can be the differentiator between a secure environment and a breach, data leakage or financial loss.
Mimecast reports that email-based attacks are the number-one vector cybercriminals leverage to deliver phishing attacks, malware and impersonations. Further, almost 90% of organizations have observed an increased or static number of phishing attacks within the last year. Email-based attacks are not a new phenomenon and the ubiquity of such attacks implies that they are not going away any time soon.
The 2018 Phishing Trends and Intelligence Report by PhishLabs suggests that, “users are the most prominent and exploitable vulnerability.” This issue highlights the unfortunate, but true, concept that humans are the weakest link within the information security risk model. It appears that cybercriminals are beginning to shift focus from attacking individuals to attacking entire organizations.
Phishing emails can be delivered to users, imitating a trusted source. For example, an attacker may attempt to send an email from email-google[.]com to trick a user into thinking the email is from Google services. The email may maintain a link to reset a password that was purportedly “compromised.” The link within the email can direct users to email-google[.]com where the victim may be prompted to enter credentials or personally identifiable information. At this point, the attacker has a valid email and password combination that may be useful on other accounts owned by the victim. Further, the number of phishing sites located on HTTPS websites has significantly increased since 2016. Phishers believe that HTTPS sites are more likely to be trusted by users, which can lead to more successful outcomes – unfortunately, they are right on the money.
The best way to avoid phishing attacks is to implement multiple system defenses, and as paramount, strictly follow and enforce established security policies.
Over time, malware and ransomware and trojan delivery via phishing emails has increased significantly. Malware is defined as software that is intended to damage or disable computers or computer systems. Ransomware and trojans are subtypes of malware that can masquerade as harmless attachments, but when executed, can deliver malicious code or lock the victim out of their workstation. Emails can be sent with what appears to be an innocent attachment; however, unbeknownst to the user, the attachment is embedded with malware. Users can avoid these nefarious traps by disabling automatic attachment downloads and using an up-to-date antivirus software to scan attachments prior to download.
In our latest whitepaper, Pst! Cybercriminals on the Outlook for Your Emails, we highlight how attackers can use exposed credentials to make illegitimate and malicious requests to colleagues, dig through the victim’s inbox to identify more potential targets or configure rules to silently forward emails to the attacker or delete nefarious emails from the sent box.
Historically, impersonation attacks have mostly targeted individuals within the same company; however, organizations have seen increased impersonation attacks where the attacker acts as a trusted third-party or partner. When it comes to alleviating impersonation attacks, employee education is key. Applying technical controls, improving employee training, and augmenting negligent email practices are imperative to mitigating these attacks.
Top social media security risks include network or data breach, data leakage, loss of customer trust and negative publicity. Attackers can create an illegitimate account, act as a legitimate company support contact and fraudulently direct customers to a phishing page to enter credentials or personally identifiable information. Social media “account hacks” can also pose as an attack vector; bad actors may successfully gain access to an organization’s social media page and begin posting malicious or defamatory content. Unfortunately, this issue does not stop with corporate social media accounts. As an individual, employees can be misled in releasing confidential information to “trusted sources” via social engineering attacks. Malicious actors can create spoof profiles to act under a different persona and reach out to potential targets, which may appear to be a friend, colleague or third-party vendor.
To mitigate these potential threats, make a point to understand the potential risks and how your organization may be targeted. Collaborate and build a plan to maintain a safe and secure environment while propagating an effective social media presence for business needs. Further, make employees aware of the risks they may experience and how to avoid social media attacks. This can be accomplished by periodically assessing potential vulnerabilities within the company and teaching personnel to be critical when accepting connection requests, clicking on links or identifying spam.
Implementing a clean desk policy reinforces security awareness among employees and elevates the necessity of protecting sensitive information. The SANS Clean Desk Policy report suggests that, “a Clean Desk policy is not only ISO 27001/17799 compliant, but it is also part of standard basic privacy control.” Employees should securely stow sensitive or critical information to avoid data, information or financial loss. Further, when users are not directly in control of their workstation, it is imperative to lock their machine to avoid potential bad actors (colleagues or other) from accessing sensitive data or maliciously acting on the user’s behalf.
Implementing a password policy and using a credible password manager is essential in maintaining account security. For best password practice, it is safest to create a new password for each account. We are all human, so remembering these passwords can be tough, but this is where a password manager becomes a very handy tool. Check out our previous blog on Credential Hygiene for recommendations on password length, re-use and multi-factor authentication (MFA).
The 2018 SANS Security Awareness Report recommends that maintaining qualified and dedicated cyber security awareness staff is essential. Finance and operations departments are reportedly the largest road block for security awareness teams. Transparent communication about the value and benefits of a successful security awareness program, from a business perspective, can minimize gaps in understanding and emphasize effectiveness.
Gartner suggests that ineffective security policies are too long and obtuse, do not address business concerns, are not tailored to specific organizations and are too technical for non-technical personnel within an organization. It is essential for companies to create a concise security policy that is easily understandable and easily applicable to all individuals, professions and ranks within an organization; thoroughness and simplicity is key. Templating a generic security policy can be detrimental to an organization’s risk; creating a security policy based off an organization’s perceived and potential risks is more suitable and valuable. It is important that we do not make security policy compliance an afterthought – build a security awareness culture where employees can understand and carry out established plans and incident response procedures accordingly.
In the end, security awareness and compliance are everyone’s job. After all, we are all in this together.
To stay up to date with the latest digital risk and threat intelligence news, subscribe to our threat intelligence emails here.