One of the biggest challenges to your information security is employee behavior. Because employees are conditioned to respond quickly, especially when a request comes from an executive, spear phishing attacks are very effective. From the U.S. OPM breach to Anthem and Target, spear phishing is an attack that exploits employees to distribute malware and weaponized documents that are designed to go undetected by traditional antivirus solutions. Spear phishing attacks often execute before traditional antivirus software can detect it and then it is too late. Now you’re compromised with ransomware or some other malware variant that is opening doors and disabling security.
An important component of improving your cybersecurity posture is to make sure employees don’t simply react to emails from senior management. Employees should be taught that cybercriminals are very adept at spoofing executive email addresses. They’re able farm executive information from corporate websites and LinkedIn in order to develop their attack. However, you can make it more difficult for them to succeed. First, executive contact information shouldn’t be readily available to outside sources. Secondly, employees need to be trained on the consequences of clicking on a link and/or downloading an attachment. You need for them to pause and think about the request before reacting.
But as the video shows, human behavior can be very difficult to correct. Therefore, in addition to educating employees how to spot and respond to threats, you should also consider deploying a next generation antivirus. Solutions like CylancePROTECT utilize machine learning to analyze files and stop them before they can execute. Detecting and stopping malware before it can execute is a critical component to preventing a data breach.
To learn more about how CylancePROTECT helps prevent data breaches, request a demonstration at info@cybrforce.com