Three factors played a major role in more than 60% of data breaches last year, according to the 2020 Verizon Data Breach Investigations Report. Companies across the globe are still falling behind when it comes to preventing these go-to attacks: credential theft, business-email compromise, including phishing, along with human errors.
The report also highlights how security tactics for these three factors should be where most organizations are placing the majority of their focus, not only in cloud infrastructures, but for on-premises environments as well. Let’s take a closer look at how continuous monitoring within a multi-layered security solution can proactively give you a competitive advantage, particularly in the cloud.
1. HUMAN ERRORS
Verizon’s Data Breach Investigations report found misconfigurations that leave cloud-server buckets without password protection, along with poor asset management and employee errors are on the rise, with a 4.9% increase over last year. While relying on certified-cloud expertise to build and deploy your cloud environment is perhaps the most critical first step to protecting data, continuous monitoring and vulnerability management will work to keep you safe from a technical standpoint. Our Premonition™ Security Suite offers Security Information and Event Management (SIEM) technology that constantly monitors, detects, correlates and quickly responds to threat activity across your entire IT infrastructure. This includes pinpointing misconfigurations and other vulnerabilities caused by human error.
2. PHISHING AND EMAIL COMPROMISE
Perhaps the most frustrating vulnerability that continues to be a thorn in the side of companies globally is social engineering attacks, such as phishing and email compromise. The report strongly suggests the IT industry as a whole must become more adept at taking the human factor out of the exploit, not only with better employee awareness and training, but also from at technology position.
Protelligent® can help level the playing field in both of those areas. Our online organizational awareness courses through our managed-security platform are instructor led and provide comprehensive training that covers a range of security topics relevant to the most current threats. In addition, we also partner with you to perform routine penetration and attack resiliency testing using the latest social-engineering tactics to find the human vulnerabilities within your organization. Our Security Operations Center (SOC) delivers another layer of protection by leveraging the latest threat intelligence to continuously monitor account activity. This enables malware and other social-engineering vulnerabilities to be proactively identified and remediated.
3. CREDENTIAL THEFT
Verizon points to the key finding that brute-forcing of passwords, as well as the use of lost or stolen credentials were a factor in roughly four out of five breaches caused by actual hacking. In addition, used or stolen credentials were responsible in part for 37% of all breaches. The report also notes until businesses implement multi-factor authentication across the board, this method of attack will continue to spiral.
Protelligent’s certified AWS-architects can help you through every step of setting up and maintaining these critical administrative controls. From multi-factor authentication implementation and credential monitoring to creating and enforcing resource-access policies, we have the capabilities to deliver end-to-end support, work alongside your existing IT department or provide escalation services.
The bottom line is companies can no longer take shortcuts when it comes to quickly identifying and responding to both external and internal factors that threaten data security. Our Premonition™ Security Suite breaks through the barriers small and medium-sized businesses typically experience in running a multi-layered security platform that includes continuous monitoring, penetration testing and employee training. Call our AWS-certified cloud architects at (855) PRO-TELL and get enterprise-class security now.
Comments are closed.