One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8468465 |
| Date de publication | 2024-03-22 06:00:42 (vue: 2024-03-22 13:07:47) |
| Titre | La solution centrée sur l'homme à un problème centré sur l'homme défiant vos données critiques The Human-Centric Solution to a Human-Centric Problem-Defending Your Critical Data |
| Texte | This cybersecurity lore is well on its way to becoming cliché. But like most clichés, it\'s true: Data doesn\'t leave your organization on its own. People let your data out. They either take it with them, or they leave the door open for someone else to help themselves. In this environment, where cybercriminals are less inclined to target software vulnerabilities and far more focused on our identities, the perimeter as we once knew it has disappeared. Today, our people are the perimeter-wherever they are, on-premises or in the cloud, and whatever systems, devices and credentials they use to access our data. Needless to say, if cyberattacks are targeted at our people (or rather, their identities), then our cyber defenses must be targeted, too. But with large and often remote workforces accessing our networks across various endpoints, this is increasingly challenging. To protect our people-and, in turn, our businesses-we need a deep understanding of who is accessing our data as well as how, when, where and why. It\'s only when we have all this information that we can begin to place protections where they are needed most, educate users on the risks they face and fight threat actors on the new frontier of our identities. Tackling insider threats As if defending a new, more fluid perimeter wasn\'t difficult enough, the increased focus on our identities presents another problem. Our people are already within our traditional defenses. So, to protect against malicious, compromised or careless users who are enabling data loss, we need to defend from the inside out. Email remains the number one entry point for common and advanced threats, so any effective defense starts in the inbox. Our people must understand the importance of strong credentials, the risk of password reuse and sharing, and the dangers posed by phishing emails, malicious links and bogus attachments. In our research for the 2024 State of the Phish report, Proofpoint found that security professionals in Europe and the Middle East rated password reuse as the riskiest behavior-and the second-most common behavior among end users. Email protection tools can assist here, too, by filtering malicious messages before they reach the inbox. That helps to mitigate the compromised employee use case. However, security teams must always assume that threats will get through these lines of defense, even with detection rates above 99% being the norm. And when they do, additional layers of security are needed to stop them in their tracks. Advanced enterprise data loss prevention (DLP) and insider threat management (ITM) tools provide this additional layer. By analyzing content, behavior and threat telemetry, these tools highlight anomalous or suspicious behavior that can lead to data loss. Careless users were the most cited cause of data loss in our inaugural 2024 Data Loss Landscape report. To handle this use case you might want to interrupt their careless behavior with a security prompt. For example, suppose an employee attempts to send confidential files in a plain text email. A simple pop-up advising them to reconsider their action could prevent this data from being exposed. A complete log of the incident is also captured, which can add real-world context to security awareness training. Another action that a careless user may perform is to send an email to the wrong recipient. According to our research, 1 in 3 users misdirected one or two emails to the wrong recipient. In the event of a malicious insider, intelligent DLP and ITM tools will spot and alert security teams to any high-risk behaviors. This could be a user who downloads an unauthorized app to a corporate machine or renames files to hide their intentions and cover their tracks. As for leavers-who remain one of the primary reasons for insider-driven data loss-security teams can take a more proactive approach. By focusing on these high-risk employees, you can build an evidential picture of intent. With the right tools in place, you can capture activity l |
| Envoyé | Oui |
| Condensat | 2024 about above access accessing according account accounts across action actively activity actors add additional advanced adversaries advising against age agent alert all already also always among analyzing anomalous another any anything app approach are assist assume attachments attackers attacks attempting attempts average awareness becoming before begin behavior behaviors behind being blend bogus born build business businesses but can capabilities capture captured careless case cases cause centers centric challenging channels cited classification clearer cliché clichés cloud coming common complete compromised compromise confidential content context corporate could cover credentials critical cyber cyberattacks cybercriminals cybersecurity damage dangers data deep defend defending defense defenses departing designed detect detection determined devices difficult disappeared dlp doesn door download downloads driven drives dual during earmarking east educate effective either else email emails employee employees enabling end endpoints enough enterprise entry environment escalate europe even event everyday everything evidential example exfiltrate expose exposed face falling falls far fast fight files filtering find fluid focus focused focusing found from frontier further get give global goes hand handle has have help helping helps here hide high highlight how however human identities importance inaugural inbox incident inclined increased increasingly information inside insider insiders insights insight” intelligent intent intentions interface interrupt investigations itm its just knew landscape large later laterally layer layers lead leave leavers legacy legal less let like limit lines links location locations log logging logs looking looks lore loss machine malicious management may means merges messages middle might misdirected mitigate monitoring more most move moving much must native need needed needless network networks new norm not number often once one only open ordinary organization organizations other out own password passwords people perform perimeter permissions phase phish phishing picture place plain platform podcast point pop posed potential precise premises presents prevent prevention primary privileges proactive problem professionals prompt proofpoint protect protecting protection protections protection provide rated rates rather reach real reasons recipient reconsider remain remains remote remove renames report research resources reuse right risk riskiest risks say screenshots second security send series sharing short simple software solution someone spot spotting starts state steal step stop strong suppose suspicious systems tackling take takes target targeted teams telemetry text that them themselves then these threat threats threats threat telemetry and through today too tools tracks traditional training transferring true: try trying tune turn two unauthorized understand understanding unified unusual use user users users: various victim view vigilant vulnerabilities want wasn way weak well what whatever when where wherever which who why will within workforces world worry wrong your |
| Tags | Tool Vulnerability Threat Cloud |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.