The following article, written by Verinext’s Joseph Campbell, appeared on Digital IT News on May 15, 2024. Read the original article here.

There are over 2,200 cyberattacks daily, equating to nearly one cyberattack every 39 seconds. Understandably, this has made cybersecurity the top concern for enterprises worldwide. With cyberthreats constantly evolving, all organizations must adapt and strengthen their defense strategies to prevent costly breaches and attacks.

Here are the top tips for adapting your cybersecurity defenses.

Protect Access Credentials

For years now, attackers have targeted credentials. Even after the nationwide increase in credential security, credential theft remains a prevalent issue. The Ponemon Institute found that 54% of security incidents were caused by credential theft. Enterprises looking to safeguard their access points should follow these three steps:

  1. Implement Phishing-Resistant Multi-factor Authentication (MFA) – According to IBM, phishing is the most expensive initial attack vector, racking up a cost of $4.9 million in 2023 alone. Phishing-resistant MFA, such as FIDO-based authentication, adds a layer of security beyond traditional MFA techniques like SMS or one-time passwords (OTPs). This reduces the likelihood of successful phishing attacks and provides significant protection.
  2. Secure Service Accounts through Privileged Access Management (PAM) – Utilizing a PAM system for managing service accounts helps in password management, rotation and obfuscation. This mitigates the risk of compromised credentials with access privileges, removing credentials as an attack path.
  3. Transition to Passwordless Authentication – Lastly, remove passwords as the primary authentication source. Moving towards a passwordless environment or passwordless experience eliminates significant vulnerabilities, reducing the likelihood of brute-force attacks and of credentials being used as an attack vector.

Enhance Breach Detection Capabilities

The number of data breaches in the U.S. has significantly increased within the past decade. Statista reported 447 data breaches in 2012, and by 2023 they found over 3,205 total breaches. However, these numbers are just the breaches that have been reported. It is widely believed that the number of actual breaches far exceeds these figures. This, coupled with IBM’s estimated average total cost of $5.13 million per breach, shows how seriously companies should take this issue.

Quickly detecting “Indicators of Attack” is crucial in minimizing the impact of cyberattacks. Organizations should invest in people, processes and technology, and implement Active Directory hygiene and identity threat detection that will find and shut down malicious activity before it enters the organization’s IT infrastructure. With these investments, organizations must find the balance between securing their “crown jewels” and enabling their organization to operate efficiently.

  1. Invest in People, Processes and Technology – Organizations must allocate resources toward cybersecurity investments aimed at decreasing the time it takes to detect and respond to cyber threats. This involves a well-rounded approach of skilled personnel, streamlined processes and cutting-edge technologies.
  2. Focus on Active Directory (AD) Hygiene – Active Directory (AD) has continued to be the core authentication platform in most organizations, making AD hygiene the most important component. CrowdStrike found that 50 percent of organizations have experienced an Active Directory attack in the last two years, and 40 percent of those attacks were successful due to poor hygiene. By regularly reviewing and monitoring user and device identities, managing security groups and employing Privileged Access Management for AD admins, organizations stand a stronger chance of preventing these attacks and remaining secure during them.
  3. Implement Identity Threat Detection and Response (ITDR) – The best way to prevent any attack is to stay proactive. ITDR solutions enable proactive monitoring and control of the Active Directory environment, enforcing early detection and response to identity-based threats.

Emphasize Attack Surface Management

Attack surface management has become increasingly popular for modern organizations. This is largely due to the projected 50% increase in cyberattacks across all industries by 2026. A vast majority of attack surfaces are exposed through external services and SaaS platforms, for example in organizations where known and unknown cloud-native workloads are expected to be in place, in addition to shadow IT. When traditional perimeter security measures are undefined, attack surface management is essential to an organization’s cybersecurity defenses. Prioritizing effective management of the attack surface is indispensable for comprehensive defense-in-depth strategies, because it allows potential vulnerabilities to be identified and mitigated.

Leverage Threat Intelligence

IBM’s 2023 Cost of Data Breach Report concluded that, globally, organizations took an average of 204 days to identify a data breach. That said, organizations using threat intelligence identified threats 28 days faster. Threat intelligence has proven vital in helping organizations block the “known bad” and understand and contextualize threats in and outside their environment. Additionally, operationalizing high-fidelity threat intelligence sources will help facilitate rapid detection by decreasing false positives and enabling incident responders to focus on decreasing the time to mitigate and remediate cyber threats.

Safeguarding your business against cyber threats requires a comprehensive strategy. It requires proactive measures to protect access credentials, enhance breach detection capabilities, manage attack surfaces and leverage threat intelligence sources. While the occurrence and cost of breaches continue to grow, not all hope is lost. Organizations can effectively mitigate their risk by continuously evolving and reinforcing their strategies for cybersecurity defenses.
