A simple click on a malicious link can have devastating effects on an organization — stolen credentials, compromised security or, worse yet, a complete standstill of computer systems held hostage by hackers.
In a time when public sector and higher education institutions across the country are facilitating more remote access, organizations must protect against credential-based threats, which can infiltrate networks via inboxes, unsafe Wi-Fi networks and a variety of other vulnerable access points.
Cybercriminals are engaging in more complex attacks to acquire data or individual credentials, according to a recent report from Okta. The report explores security strategies that CISOs and IT leaders should keep top of mind as they build out access for remote users.
“Dual-purpose attacks, for example, are on the rise,” says the report. “In these attacks, hackers leverage tools in already existing Windows or Linux systems utilities and make use of pre-installed or fake tools on these systems. These methods are hard to detect because they look like legitimate processes.”
Security needs a new approach
Leveraging relationships with private industry players can provide public sector organizations access to valuable threat intelligence that can be integrated into their security infrastructures in order to better detect, block and respond to threats.
The report advises public sector IT departments to refocus their security efforts by taking a people-centric approach to security that strikes a “balance between reducing risk and still keeping employees agile.”
This type of approach is critical with a remote and distributed user base because it helps the organization target security measures around the endpoints, that is, the people, who are the ultimate target of these types of attacks.
The report outlines four ingredients leaders should consider for their security strategy:
- Adopt a people-centric approach to protect against credential theft and phishing.
- Identify and gain visibility into the organization’s most targeted users — and then apply granular security policies to them.
- Orchestrate remediation actions on these potentially compromised users, whether that entails quarantining emails, prompting for MFA or adding other adaptive controls.
- Think about restricting access to sensitive resources.
This article was produced by StateScoop and EdScoop for, and sponsored by, Okta.