Loading...

Strong risk management measures require that cybersecurity be everyone’s job

Strong risk management measures require that cybersecurity be everyone’s job
Loading...

AI benefits everyone at large in numerous ways, but cybercriminals are also using this new technology for nefarious purposes. From gathering data more efficiently to using large language models to craft phishing communications, experienced and novice threat actors are relying on artificial intelligence (AI) to streamline their efforts to breach defence.

Organisations worldwide are taking notice, and executives are implementing efforts to combat this and other shifts in the threat landscape. Sixty-two percent of business leaders say they will mandate cybersecurity training in the form of certifications for IT and security personnel. Nearly as many (61%) say they’re introducing new security awareness and training programs for all employees.

What to Do Now to Guard Against AI-Driven Threats

Loading...

Malicious actors are increasingly harnessing AI to increase the volume and velocity of attacks they deploy. They are also using this technology to make phishing and related threats more believable than ever. While there are numerous steps your team can take to better protect your organisation from these changes in attacker activity, here are five things to do today to make everyone in the organisation be more aware of and ready to defend against an increasingly complex threat landscape.

Build a Culture of Cybersecurity

Cybersecurity is everyone’s job, not just the responsibility of your security and IT teams. Building a culture of cybersecurity within your organisation starts with making sure that employees at all levels are aware of common cyber risks and understand the role they play in maintaining robust security. This starts with executives across all departments having a shared vision of cybersecurity and communicating regularly about the importance of safeguarding the enterprise. Other activities should include conducting regular cybersecurity training sessions, implementing long-term awareness plans, and conducting simulations to test employees’ knowledge of today’s cyberthreats.

Loading...

Educate Your Employees

Employees continue to be high-value targets for threat actors, but with the right knowledge, they can also be a strong first line of defence against breaches. As cybercriminals embrace AI — using it to churn out more attacks and creating phishing and related threats that are harder for the average person to identify as malicious -ongoing cybersecurity education must be a critical part of your risk management strategy. If you currently have a cyber-awareness education program, reassess and update it often to reflect the changing threat landscape. If you are yet to implement an education initiative, there are many Software-as-a-Service (SaaS)-based offerings available that deliver timely training material, allow you to track users’ progress, and enable you to customise the content according to your organisation’s or industry’s needs.

Develop (or Reevaluate) Your Cybersecurity Processes and Plans

Loading...

Regarding cybersecurity incidents, it’s no longer a question of whether an organisation will experience a breach it’s “when.” Nearly 90% of enterprises experienced at least one breach in the last year. Cybersecurity is not a “set it and forget it” effort. Developing a continuous threat exposure management program allows enterprises to evaluate and reevaluate their efforts, ensuring that you have the right people, processes, and technology in place to manage organisational risk. These periodic checks enable you to identify potential security gaps before they become a problem.

Implement Multi-Factor Authentication and Zero-Trust Network Access

Knowing that more than 80% of data breaches involve stolen or brute-forced credentials, implementing multi-factor authentication (MFA) and zero-trust network access (ZTNA) is essential. MFA adds another layer of security by requiring users to verify their identity in multiple ways, such as using a combination of a password and biometric data like a fingerprint. This significantly reduces the risk of cybercriminals gaining unauthorized access to your network, even if a user’s credentials are compromised. Adding ZTNA augments secure access to sensitive information through encrypted tunnels, granular access controls, per-application access, and ongoing connection monitoring.

Loading...

Patch Software and Applications Regularly

Failing to patch software and applications continues to be a leading factor in breaches. According to our recent Global Threat Landscape Report, in almost 90% of the cases, our incident response team investigated where unauthorised access occurred through the exploitation of a vulnerability, the vulnerability was known, and a patch was available. It’s vital to keep all software, operating systems, and applications up to date with the latest security patches. If you don’t have a patch management process in place, establish one today to help streamline updates and ensure patches are implemented promptly. In many instances, AI can help automate tedious patching tasks.

Education and Collaboration Are Key to Disrupting Cybercrime

Loading...

As attackers up their game, every organisation must strengthen their defences in response. Implementing cyber education and awareness efforts helps lay the foundation of a culture of cybersecurity. Developing robust cybersecurity practices, ranging from MFA to ZTNA, and adopting the right technologies also go a long way in protecting your organisation’s digital assets. Remember that collaboration across the entire organisation is vital to success. Security is not just the responsibility of your security and IT teams. Above all, strong risk management measures require that cybersecurity be everyone’s job, as every person in your organisation has a role to play in disrupting cybercrime.

Vivek Srivastava

Vivek Srivastava


Vivek Srivastava is Country Manager, India & SAARC at Fortinet.


Sign up for Newsletter

Select your Newsletter frequency