Help Enable Smarter Decisions During Cybersecurity Awareness Month

Noor Boulos

Do a quick search for the top cybersecurity breaches thus far in 2022 and you’ll quickly be overwhelmed with reports of cryptocurrency thefts, attacks targeting multinational corporations and critical infrastructure, and nation-state backed attacks spurred by ongoing geopolitical conflict. It’s easy for individuals to let their guard down and think they’re safe because these complex attacks aren’t targeting them specifically. However, major incidents often start due to human factors which is why this year’s Cyber Security Awareness Month (CSAM) theme, “See Yourself in Cybersecurity,” is intentionally focused on the people part of cybersecurity. 

The 2022 Data Breach Investigations Report (DBIR) from Verizon finds that the top three paths threat actors use to infiltrate organizations are lost or stolen credentials, phishing, and exploiting vulnerabilities. The people aspect is critical to preventing these types of exploits. So, throughout October, CSAM is focused on raising awareness for these key areas:

  • Enabling multi-factor authentication (MFA)
  • Using strong passwords
  • Recognizing and reporting phishing 
  • Updating software

Most of you reading this blog are cybersecurity practitioners with ownership for putting strong cybersecurity measures in place to help protect your organization’s larger ecosystem. But those technologies and processes are only effective if everyone does their part to make smart decisions. Let’s take advantage of the topics CSAM has laid out to remind co-workers that their decisions matter. A few simple questions can lead to a fruitful dialog. For instance: Do you opt-in to MFA when it is available to you? Are your passwords unique and hard to crack? Do you know how to spot a potential phishing email and what to do? Is auto-updates turned on to make sure you take advantage of the latest software patches and upgrades as they become available? 

You can help bridge the security gap by extending the knowledge you take for granted with others. So, let’s get started with CSAM’s first topic, MFA, and some basic information we have found useful to share.

What is MFA?
The Cybersecurity and Infrastructure Security Agency (CISA) defines MFA as “a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login. MFA increases security because even if one credential becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the targeted physical space, computing device, network, or database.” 

Why should I use MFA?
Most passwords can be easily cracked, and many people reuse passwords. So, once an attacker has successfully used a password to get into one account, they will try that same password to gain access to additional accounts. MFA provides an extra layer of protection so that even if a password is compromised through a phishing attack or other means, and you aren’t aware or haven’t had a chance to do a password reset, you are still protected. 

How does MFA work?
MFA requires that you present two different kinds of “keys” to gain access to an account or system. One is a password or personal identification number (PIN) and the other could be a one-time passcode sent to your mobile phone or email, a separate smart card or hardware token, or a biometric option like a fingerprint or palm print.

Some employers require employees to use MFA, while many organizations provide the option to sign up for MFA. Given the option, everyone should take advantage of MFA to increase the level of difficulty for an attacker. It’s not just about keeping your own data and files secure. Once inside the network, attackers can remain unnoticed for weeks or even months, moving laterally until they reach their ultimate destination, typically an organization’s crown jewels such as customer and employee records, intellectual property, and legal and financial documents. The damage can be widespread and devastating.

We hope you find this information useful to pass along to colleagues, family and friends. Come back throughout the month of October as we focus on the other CSAM topics to help individuals and, ultimately, SecOps teams improve security.


Blog Archive

About ThreatQuotient™

ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ™, empowers security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response and advance team collaboration.
Share This