Category: Case Studies

Keeper Security has announced the release of a new case study in partnership with the Mike Morse Law Firm. This case study highlights how the firm leverages Keeper to address critical cybersecurity challenges and protect sensitive client information.

In an industry often slow to adopt emerging technologies, Mike Morse Law Firm demonstrates how legal organisations can modernise and secure their operations. According to research, the legal sector has seen a dramatic 77% increase in successful cyber attacks over the past year, with incidents rising from 538 in 2022/23 to 954 in 2023/24. The case study video, Keeper Security + Mike Morse Law Firm, features testimonials from the firm’s Chief Information Officer John Georgatos and IT Manager Tashi Genden, emphasising Keeper’s measurable impact on security, productivity and efficiency.

“As cyber threats grow more sophisticated, it’s essential for the legal industry to adopt enterprise-grade solutions that not only protect sensitive client data but also simplify day-to-day security operations,” said James Scobey, Chief Information Security Officer, Keeper Security. “Keeper allows firms like Mike Morse Law Firm to stay ahead of emerging threats while focusing on what truly matters – serving their clients with confidence.”

“At Mike Morse Law Firm, we’re committed to pushing the boundaries of what’s possible in the legal industry by embracing advanced cybersecurity solutions,” said Georgatos. “Keeper Security helps us modernise our workflows while giving us the peace of mind that our client data is protected at the highest standards. It’s exciting to be part of this transformation—changing the perception of what a law firm can achieve with technology.” 

To achieve compliance and maintain data security, while promoting a more efficient workflow, the firm relies on the following key features of Keeper’s platform: seamless integration with Single-Sign-On (SSO) providers, intuitive browser extensions for password autofill, streamlined onboarding and offboarding processes, and secure shared folder management for enhanced collaboration.

Earlier this month, Keeper Security unveiled a case study with Williams Racing.

The post Mike Morse Law Firm Chooses Keeper Security to Safeguard its Sensitive Legal Data appeared first on IT Security Guru.

Earlier this year,  Keeper Security announced its sponsorship of F1 team Williams Racing. Today, the password management pros have released an in-depth case study highlighting the critical role its solutions play in safeguarding the vast amounts of data used by Williams Racing in the high-stakes world of Formula 1. As one of the most data-driven sports in the world, Formula 1 teams rely on advanced systems to safeguard their highly sensitive data and maintain competitive edge – making cybersecurity more important than ever.

Keeper® plays a crucial role in securing Williams Racing’s business services, including contracts, commercial insights, financial data and more. Additionally, Williams Racing generates terabytes of data from race strategies to car designs and performance metrics every race weekend. A successful cyber attack against the team could be devastating with the potential to jeopardise intellectual property, compromise sensitive data and even disrupt operations, both at the team’s headquarters and at the track. For Williams Racing, securing this information is non-negotiable, and Keeper’s solutions are the perfect fit to protect their valuable assets.

“Formula 1 is a highly competitive environment where every advantage matters,” said Darren Guccione, CEO and Co-Founder of Keeper Security. “Our partnership with Williams Racing is about more than just securing their IT infrastructure and sensitive information – it’s about providing a secure foundation so the team can leverage data to drive performance while mitigating the risks associated with cyber threats.”

“We need data,” said James Vowles, Team Principal at Williams Racing. “We need cybersecurity. We need IT infrastructure. And we need the ability for people to work in a safe environment. And that’s irrespective of whether they are here in the United Kingdom or anywhere else in the world.”

The real-world impact of Keeper’s password security solutions is documented in the case study, which delves into the key outcomes for Williams Racing, including:

  • Enhanced Security for Critical Data – With Keeper’s zero-knowledge architecture, Williams Racing is able to keep sensitive information fully protected – like race strategies, designs and telemetry data. Keeper’s advanced password management ensures the team’s business services remain secure and resilient against unauthorised access.
  • Improved Operational Efficiency – Keeper’s centralised password management system streamlines credential management, saving the team valuable time during high-pressure race weekends and allowing them to stay focused on their core goals.
  • Seamless Global Access with High-Level Protection – By integrating Keeper’s solutions across its global workforce, Williams Racing can securely provide team members with the access they need, whether at the race track, in remote locations or back at their headquarters, all while ensuring that sensitive data remains protected against potential cyber threats.

The full case study offers an in-depth look at how Keeper’s solutions continue to support Williams Racing in maintaining the highest level of cybersecurity, enabling the team to perform with confidence and precision on and off the track. Hear from Williams Racing in their own words how they leverage Keeper in this video.

 

 

The post F1 Williams Racing Chooses Keeper Security to Safeguard Data appeared first on IT Security Guru.

SASE organisation Cato Networks has announced that Element Solutions Inc (ESI), the $2.3 billion provider of specialty chemical services, has adopted the Cato SASE Cloud Platform for its global network. With Cato, ESI onboards newly acquired companies quickly, in weeks not months. Overall, ESI indicated that the time to complete the integration work in a corporate acquisition has decreased by 80% since adopting the Cato SASE Cloud Platform.

Dustin Collins, Global CIO of ESI, said: “We started with Cato looking to shorten the time needed to complete the integration of acquisitions and improve our security. We ended up finding a true partner who helped us reimagine how IT can serve the business. We achieved both of our initial aims—and a lot more.”

Alon Alter, Chief Business Officer of Cato Networks, said: “Every day, we talk to business and IT executives who are frustrated with the slow pace of expanding their legacy network, Whether it’s waiting months for hardware deliveries or trying to connect remote locations and workers, companies lose opportunities due to the lack of agility. Cato was purpose-built to provide more agility to businesses through our cloud- delivered services. Rather than inhibit the business, as legacy systems do, Cato’s converged networking and security are a collaborator that enables the business.”

When it came to problems facing ESI before they adopted the Cato SASE Cloud Platform, legacy networks were the biggest hinderance. ESI’s legacy dates back more than 200 years with roots in metal finishing. Today, the company operates 117 locations across 50+ countries and 6,000+ remote workers. ESI replaced the SD-WAN appliances connecting sites and VPN servers connecting remote users with the Cato SASE Cloud Platform.

Highlights from the deployment include:

  • Reduced M&A Time to Value: “Before Cato, we needed three to four months just to spin up network capacity and get a location online. With Cato, we can bring up a new network site in weeks, not months. That’s real value for our company and our shareholders,” said Collins.
  • Overcoming IT Skills Shortage: “Cato is so easy for our team to use that we’ve been able to remove the ‘grunt work’ often associated with IT and instead focus our efforts on better serving the business. We no longer need to hire tech specialists to run our network or network security infrastructure. Now we focus our recruiting on more scalable IT generalists who can bring more value and innovation to the business,” said Collins.
  • Improved the Security Posture: “We’ve been able to add layers of security for all users that would have been more challenging to deploy in the past—services such as advanced anti-malware, NGFW, SWG, and threat prevention (IPS). It’s not that those technologies weren’t in place before. They were. But Cato simplifies how they are delivered, and that makes all the difference,” says James Schnoebelen, Global CISO at ESI.

Additionally, a simplified user experience was praised by ESI: “Using the old VPN was confusing because it was inconsistent in terms of being on the road versus in the office. People had problems even just connecting. Now our users complain less because the network access is seamless.”

Cato Networks also publicly work with other large brands, including Porsche.

The post Chemical Solutions Org Reduces the Time to Integrate Acquired Companies by 80% with Cato SASE Cloud Platform appeared first on IT Security Guru.

In today’s digital age, where technology is deeply ingrained in our daily lives, ensuring the cybersecurity of our educational institutions has become paramount. K-12 schools are increasingly becoming targets for cyberattacks, highlighting the urgent need for robust cybersecurity measures. With hackers constantly evolving their tactics, it is imperative for schools to deploy intelligence-powered cybersecurity solutions to protect against these threats.

Over the past few years, there has been a significant increase in cyberattacks targeting K-12 schools. For example, in 2023 80% of K-12 schools fell victim to ransomware attacks. Hackers view schools as lucrative targets due to the vast amount of sensitive information they hold, including student records, financial data, and confidential communications. Additionally, the shift towards digital learning platforms has further increased schools’ vulnerability to cyber threats. 85% of U.S. educational institutions have reported an increase in cyber threats since moving to digital learning.

K-12 schools face significant challenges in deploying cybersecurity technology due to budget constraints. With limited funding, schools often struggle to invest in robust cybersecurity measures, leaving them vulnerable to cyber threats. This lack of resources can hinder the implementation of essential security tools, such as firewalls, antivirus software, and security training programs for staff and students. Additionally, maintaining and updating these technologies require ongoing expenses that many schools simply cannot afford. A solution has been developed by local company LANRover with cybersecurity company Centripetal to provide proactive real-time intelligence powered cybersecurity protection against all known threats for K-12 schools titled CleanINTERNET®.

Traditional cybersecurity measures are no longer sufficient to protect against the sophisticated tactics employed by hackers. Schools need to elevate their defenses without major costs or expanding their security team. By implementing intelligence powered cybersecurity, schools can harness real-time threat intelligence from a global network, which allows schools to have visibility into potential threats long before they can impact the network. This technology acts as a shield, safeguarding the network against any malicious activity.

Several schools have successfully implemented intelligence-powered cybersecurity solutions and have seen significant improvements in their security posture. This solution works as it includes having a team of dedicated analysts who have extensive threat hunting expertise, watching the network 24x7x365. Normally, such services would be cost prohibitive for a school district but LANRover’s solution is able to be deployed at a reasonable price point.

CleanINTERNET® allows school districts to:

  • Protect their valuable IT assets and applications in a cost-effective manner. Centripetal analysts provide an additional monitoring layer, tracking any unusual behavior.
  • Monitor and protect personal information such as student records, health records and faculty information. It also helps prevent attacks on intellectual property and sensitive research results.
  • Safeguard the institution, its partners, and stakeholders. The reputation of the institution is at stake and protection in both breadth and depth is paramount.
  • Reduce the overhead of malicious and reconnaissance traffic in the network which has the effect of reducing overall IT costs around collection, storage, and analysis of security event data.

It’s time to reconsider your approach to defending your school against cyber threats. Traditional methods are insufficient against today’s rapidly evolving threats, making it crucial to reassess your defense strategies. By adopting a proactive stance rather than a reactive one, school districts can outpace cybercriminals.

School districts need to embrace a solution that effectively protects against both current and future threat actors, safeguarding digital assets and ensuring uninterrupted learning and collaboration – intelligence-driven cybersecurity.

The post Guest Blog: Securing K12 Schools with Centripetal and LANRover first appeared on IT Security Guru.

The post Guest Blog: Securing K12 Schools with Centripetal and LANRover appeared first on IT Security Guru.

Today, password pros Keeper Security have announced a partnership with St. Anna Children’s Cancer Research Institute (St. Anna CCRI), a renowned Austrian healthcare institution based in Vienna. St. Anna CCRI is a renowned paediatric cancer research institute. Keeper will provide the Austrian institute with secure password management to fortify their digital credential security. This achievement exhibits a significant step forward in ensuring the confidentiality and integrity of critical research data in the fight against paediatric cancer.

The evolving landscape of cybersecurity threats underscores the essential requirement for pre-emptive data security measures, especially in the healthcare sector, to protect valuable digital assets. Confronted with substantial difficulties in overseeing and securing digital credentials using their outdated password management system, St. Anna CCRI sought the assistance of Keeper. Renowned for its state-of-the-art cybersecurity solutions and proficiency in password management, Keeper aimed to enhance the performance of the existing system. The primary objectives included improving user adoption, enhancing visibility and administrator controls, fortifying security measures, and optimising overall operational efficiency in their collaborative environment.

Protecting more than ten million individuals and tens of thousands of businesses worldwide, the opportunity to work with St. Anna CCRI directly aligned with Keeper’s mission to protect individuals and organisations from the most dangerous and pervasive cybersecurity threats. This mission took on even greater meaning and importance with an organisation such as St. Anna CCRI that is working tirelessly to advance healthcare solutions for children. 

“Keeper is honoured to play a vital role in fortifying the digital credentials that drive critical cancer research at St. Anna CCRI,” said Darren Guccione, CEO and Co-founder of Keeper Security. “Our secure password management solutions are designed to empower organisations with the tools they need to protect sensitive data and focus on their core missions.”

Through its implementation of Keeper’s password management platform, St. Anna CCRI experienced enhanced security measures, streamlined access control, and boosted user adoption.

The collaboration between Keeper and St. Anna CCRI stands as a testament to the power of innovative cybersecurity solutions in advancing critical missions. The strides made in enhancing data security, streamlining access controls and improving overall system performance underscore the commitment to excellence shared by both entities. 

Last week, Keeper Security announced their intention to give businesses and consumers more control over the use of security keys, through additional support for hardware security keys as sole 2FA method.

The full case study can be found here: St. Anna Children’s Cancer Research Institute Enables Secure Password Management.

The post Keeper Security Announces Partnership with St. Anna Children’s Cancer Research Institute first appeared on IT Security Guru.

The post Keeper Security Announces Partnership with St. Anna Children’s Cancer Research Institute appeared first on IT Security Guru.

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today revealed that it is supplying managed detection and response (MDR) capabilities to Kingston University free of charge to mitigate the threat of serious cyber disruption during their busiest time of year for student recruitment.

University clearing is like the run up to Christmas for retailers. And in the same way, threat actors are ready to cash-in with info-stealing ransomware attacks,” said Trend Micro’s Technical Director Bharat Mistry. “That’s why we’re offering our MDR expertise to long-time customer Kingston University—to contain any breaches before they can spread.

Each year from July-October, many of the UK’s higher education institutions compete to fill any places they might still have on over 30,000 courses.

The education sector was one of the top four sectors affected by malicious files last year, according to Trend Micro data. In the past, universities have found critical systems supporting Clearing operations taken offline by carefully timed attacks.

Trend Service One’s MDR functionality will slot into Kingston University’s existing Trend cyber protection portfolio, which includes Trend Vision OneTrend Apex OneCloud App Security and Trend Cloud One. It will offer rapid detection and response including:

  • 24/7 analysis, monitoring and correlation of threats across email, endpoint, cloud server and Azure AD
  • 24/7 support via email, phone, and case portal
  • Trend Micro threat analysts that work behind the scenes to detect, investigate, and perform threat hunting
  • Rapid, round-the-clock service response and recovery, guided by Trend experts

“During the intense Clearing Period, the last thing we need is any disruption caused by threat actors”, said Daniel Bolton, Head of Technical Services, Kingston University. 

“Trend’s partnership is invaluable to the University, as their Managed Detection and Response services bolster our defences against potential attacks. With their expertise supporting our in-house cyber security team, we’re confident in our ability to maintain a secure environment at such a critical time.”

The post Trend Micro Protects Kingston University During Peak Clearing Period appeared first on IT Security Guru.

Following a well-publicised ransomware attack in February 2023, Häfele was able to recover in record time by moving to Cato SASE Cloud. The international manufacturer and supplier of furniture fittings, architectural hardware and lighting products rebuilt its 50+ country, 180-site network in under 30 days.

“When your network is down from a cyberattack, every minute counts, and you can’t afford to bring back a partially secured network. You have one shot to do it right and fast,” said Daniel Feinler, CISO, Häfele. “The deployment speed with Cato SASE Cloud was a game changer. By working with Cato Networks, we were able to bring up the entire network with full security in less than a month. It was so fast that a competing SASE vendor didn’t believe us. Cato made it possible.”

“Agility and security are core requirements for every enterprise, and especially in times of crisis,” says Shlomo Kramer, CEO and co-founder, Cato Networks. “We were happy to support Häfele confront such a challenge, and we appreciate their trust in Cato SASE Cloud as their new global network and security infrastructure. Our teams collaborated efficiently and professionally, setting a world record in a large-scale SASE deployment project.”

Häfele Finds the Right SASE Partner

When Häfele, a German family enterprise based in Nagold, Germany, suffered a severe ransomware attack, it forced the company to shut down its computer systems and disconnect them from the internet. At the time, Häfele was in an RFP process to select a SASE vendor.

“We had finished a proof of concept with Cato and were getting ready to move to the next SASE provider when the ransomware attack occurred,” said Mike Bretz, Global Team Lead of Network, Häfele. Instead, the Häfele team turned back to Cato.

Over the next four weeks, Häfele worked with Cato and restored its IT systems. Häfele installed Cato Sockets, Cato’s Edge SD-WAN device, at 180+ sites across 50+ countries such as Argentina, Finland, Myanmar (Burma), and South Africa. A global, unified security policy was configured to help prevent another attack, and 8,000 employees regained secured access to the internet and enterprise resources, including 4,000 mobile users who now use Cato Client for ZTNA.

With Cato SASE Cloud, Häfele is now benefiting from a global, unified multilayer security stack that inspects all traffic in all directions from all edges and provides consistent and comprehensive enterprise-grade security. Häfele’s new security from Cato includes FWaaS, SWG, IPS, Next-gen Antimalware, CASB and MDR – all targeted towards preventing future breaches and maintaining an optimal security posture anytime and anywhere.

The rebuilding of the network with Cato SASE Cloud was so fast that it even surprised Häfele. “I did not think that we could shut down, rebuild and transition our IT systems in less than 30 days,” said Bretz. “Cato defied the odds and performed admirably during a challenging time and under immense pressure. Cato did exactly what they said they would do. This is how you earn customer trust.”

“The Häfele project gave us an opportunity to demonstrate the agility and strength of Cato,” said Alon Alter, Chief Business Officer, Cato. “We delivered our hardware everywhere Häfele needed without delay and leveraged our zero-touch provisioning to reconnect locations in hours not days. Häfele got back to work faster in part because of Cato, which is exactly what customers should expect from a true SASE platform and provider.”

 

The post Häfele Recovers from Ransomware Attack using SASE appeared first on IT Security Guru.

Salt Security, the API security company, is working with Guild Education, the leader in opportunity creation for America’s workforce, to implement the Salt Security API Protection Platform to secure its growing application programming interface (API) ecosystem. Guild relies on APIs for the exchange of private and sensitive student, employer, and school data across its Career Opportunity Platform. With the Salt platform, Guild gains automatic and continuous API visibility, insights into potential data exposure, and API runtime protection to ensure the safety of its customers’ critical data.

 

“Guild supports workers, companies, and educational organisations to build new career opportunities and address increasing talent shortages. Keeping employee, employer, and school data secure has always been a top priority,” said Julie Chickillo, VP, head of security, Guild Education. “The visibility we get with Salt eliminates blindspots, allowing us to better protect the critical and personal information – including employer eligibility updates, student loan reimbursement data, and program applications – being shared via our APIs.”

 

Although Guild looked at other API security solutions, Salt provided the most actionable insights and the most mature platform. Leveraging the robust Salt API security platform, Guild gains:

  • Discovery of shadow APIs – to ensure a complete and accurate API inventory and understand what unknown APIs might exist that could pose security risks 
  • Attack prevention – the most proven algorithms in API security to pinpoint attacker reconnaissance activity, even drawn out over days and weeks, and stop attackers before they reach their objective
  • API security testing – to gain vulnerability insights in pre-production, empowering the Guild development team to improve the security posture of its new APIs 

 

According to the Salt Security State of API Report, Q3 2022, over one third of organisations have experienced more than 100 attempted API attacks per month. Salt Security enables Guild to easily monitor and analyse all API traffic, maintaining an up-to-date view of their entire attack surface. 

 

The Salt Security platform enables organizations to catalogue their APIs, see where they expose sensitive data, detect and block API attackers, scan and test APIs, and provide remediation insights that developers can use to harden APIs and improve the security posture over time. Through its patented API Context Engine (ACE) architecture, the platform can identify the early indicators of an attack, stop attackers from advancing and turn attackers into penetration testers, leading to valuable feedback for security teams to identify and eliminate API vulnerabilities.

 

 

The post Guild Education controls API abuse with Salt Security appeared first on IT Security Guru.

By Alan Radford, Global Identity and Access Management Strategist at One Identity, and Andreas Muller, IT Project Manager at B. Braun

According to Gartner, converged Identity & Access Management (IAM) platforms will be the preferred adoption method for Access Management (AM), Identity Governance & Administration (IGA) and Privileged Access Management (PAM) in over 70% of new deployments by 2025, driven by more comprehensive risk mitigation requirements. These predictions are well understood by One Identity, recently positioned as a Leader in the 2022 Gartner Magic Quadrant for PAM.

One Identity’s Alan Radford and Andreas Muller of B. Braun came together with other authentication professionals to discuss how to get ahead of this issue.

The Challenges:  Managing size, complexity and diversity

B. Braun is a German medical and pharmaceutical device company, working across 60+ countries, with the help of over 60,000 staff. According to Muller, “Our main challenge, from a technical perspective, is consolidation across teams. We are working across several disparate geographies and teams with different owners. All these teams need to pull together in the same direction.”

This structural complexity is further compounded by the strict restrictions in place on medical manufacturing, which needs to be supported by security and Identity & Access Management policies. Restricting access to the data hosted on the B. Braun servers is crucial to ensure it remains compliant.

B. Braun needed a more effective way to manage user accounts and protect data. Andreas Mueller, IT project manager at B. Braun, says, “We had too many manual processes, which increased the time to create or delete a user account. Overall, there was too much risk of unauthorized data access and, therefore, a failure to comply with data security regulations.” Beyond automation, B. Braun also wanted an identity management solution that could drive digital transformation. “We’re moving some of our IT to the cloud,” says Mueller, “so we needed a solution that could talk to our on-premise infrastructure and cloud services, such as Office 365.” B. Braun hired One Identity to launch a proof of concept (POC) for Identity Manager. “Identity Manager delivered all the features we wanted,” says Mueller, “including cloud connectivity. What’s more, the technical sales team at One Identity offered to support a POC that integrated with our internal infrastructure. No other provider would go this far.”

The Results: Automation and support

B. Braun was able to work on improving its security policies by automating account provisioning and deactivation to ensure that Identity & Access Management is not an element of their policy, which is overlooked across multiple geographies. This has also ensured that company data is protected in its hybrid environment, featuring cloud and on-premises systems, both of which were still necessary in its environment.

For more than five years now, B. Braun has been successfully using One Identity’s Identity Manager solution to achieve support for both the company’s internal systems and extranet used by customers. “All the right people have access to what they need now that account creation and termination are automated with Identity Manager,” explains Mueller. “There’s complete transparency and greater protection of company data. Everyone knows the position of their requests within the workflow at any given time. There is also less chance of errors.”

Conclusion: Flexibility and responsibility 

B. Braun’s issues and challenges are a telling insight into the role of IAM partners.

B. Braun looked to their IAM partner to ensure that they could retain the flexibility that a hybrid offering allows for, while bringing together disparate identities across different teams, regions and operational areas, while reducing friction and without compromising its security posture. One Identity was able to offer this, harnessing its years of IAM experience in automated authentication to work on the ‘principle of least privilege’ for both internal and external stakeholders.

Looking forward, B. Braun is hoping to continue to enhance its password management policies, automation programs for Identity & Access Management and to continue its focus on ensuring compliance and security standards are upheld.

 

About One Identity

One Identity delivers unified identity security solutions that help customers strengthen their overall cybersecurity posture and protect the people, applications and data essential to business. Our Unified Identity Security Platform brings together best-in-class Identity Governance & Administration (IGA), Access Management (AM), Privileged Access Management (PAM) and Active Directory Management (AD Mgmt) capabilities to enable organizations to shift from a fragmented to a holistic approach to identity security. One Identity is trusted and proven on a global scale – managing more than 500 million identities for more than 11,000 organizations worldwide.

The post Case Study: Getting ahead of Convergence with One Identity and B. Braun appeared first on IT Security Guru.

Obrela Security Industries recently launched their H1 2022 Digital Universe Study, which provides detailed insight into this year’s security and threat landscape. The results provide a ‘funnel’ view of real-time visibility data, and allow organisations to gain a better understanding of how threats are security are developing, and how they can better protect themselves.  

To put together this report, Obrela collected and analysed 1 PBs of logs as well as 100,000 devices. In this time, they detected 7,369 cyber incidents with an average response time of 7 seconds.  

Using this, Obrela’s security team was able to find out what attack vectors were most prominent and what type of methods threat actors tended to execute when attempting to gain unauthorised access. Some of the more significant shifts within the threat landscape included: 

  • A 16% increase in data breaches, as well as attacks that targeted end users as opposed to corporations.  
  • A 6% upswing in zero-day attacks, particularly exploiting vulnerabilities.  
  • A 12% surge in attacks related to internal threats, such as policy violations, privileged user activity and inadvertent actions.

Looking at particular attack methods, Obrela found that those most utilised were typically malware infection, reconnaissance, data exfiltration and phishing attacks, along with the exploitation of malicious insiders.  

The study also looks into which sectors are most vulnerable to cyber criminals, with banking & financial services, and government/corporate being at the top of the list. This is mostly down to the monetary value that threat actors can extract from exploiting weaknesses in security, as well as the personal and confidential data they store on their servers. In addition, banking, finance, government and corporate sectors play an important role in global economic activity, making them an incredibly attractive target for a criminal looking to exfiltrate information and extort.   

What can companies do to protect themselves?  

To decrease risk and make sure their security posture is up to scratch, organisations must remember to do the ‘basics’. This means, following best practices such as implementing security training, user authentication and access, and protecting their endpoints and brand. In order to boost security and improve security, organisations should extend their best practices to also include network management, as well as network segmentation and Zero trust. These should be deployed across the whole company and its network. Another option is for organisations to partner with an MSSP, who can monitor their IT and cloud infrastructure, removing the pressure from their own IT teams and allowing them to focus on internal issues and tasks; this could make the difference between a secure corporate nature and becoming another breach statistic. 

Emerging use cases 

After analysing the data and devices, Obrela found new incident cases, including:  

Domain impersonation: this is often associated with phishing campaigns, where employees of an organisation or end-users are targeted by cyber criminals pretending to be from their bank. Victims are taken to an impersonation site, via a phishing link, which will prompt them to enter personal information, including bank details or passwords. By the time the victim notices it is often too late, and malicious actors will already have access to their accounts or network.  

Internal Directory Busting: This vector is similar to a brute force web attack, which targets public facing websites. In using this method, threat actors can then exfiltrate personal and confidential data to use for malicious purposes.  

Unfortunately, cyber criminals are becoming increasingly sophisticated and are adaptable to the evolving threat landscape. Organisations must ensure they have the basic cybersecurity infrastructure, but they should also implement an extra layer of protection around their end users and networks. A network or system breach can not only impair their business operation, but it can also significantly affect their reputation, damaging their brand image and often leading to loss of customer trust.  

In partnering with an MSSP who understands the fluid nature of the security market, organisations can better secure their environments and keep their employees and customers protected from numerous cyber threats.  

 The Digital Universe study can help organisations understand what these types of threats are and how to protect against them.

You can find the full report here: https://www.obrela.com/digital-universe-report-h1-2022/  

The post Obrela’s 2022 Digital Universe Study – A look at today’s threat landscape   appeared first on IT Security Guru.