A PEOPLE-CENTRIC APPROACH TO STOPPING MALWARE , PHISHING , AND EMAIL FRAUD
Email is organisations ’ most essential business tool – and today ’ s top malware delivery vector . 1 It has become fertile ground for the most damaging cyber threats and all kinds of fraud , the channel where cyber attackers are most likely to compromise their targets . They trick users into clicking on an unsafe link , giving away their credentials , or even unwittingly carrying out attacks themselves ( such as wiring money or sending sensitive files ).
The threats have changed . Yet much of the cybersecurity sector remains stuck in old threat models , struggling to graft minor improvements onto old strategies that grow less and less effective by the day . It ’ s time for a new approach . In today ’ s threat landscape , an effective cybersecurity programme focuses on people first .
Measuring , surfacing and reporting user risk
The first step to protecting users is identifying which ones are most at risk . While every organisation may weigh various risk factors differently , all should comprise some combination of vulnerability , attacks and privilege .
Vulnerability is a way of determining who ’ s most likely to fall victim to a threat . An attack analysis can reveal who in your organisation is being targeted , to what extent , and by whom . And privilege can help predict how harmful a successful attack would be to the organisation .
We call users who represent a higher-than-normal risk based on any combination of these factors VAPs , or Very Attacked People™ . ◊ www . intelligentdatacentres . com