
People-Centered Security: Remote Working & People Centered Attacks

Humans have become the weakest link in the cybersecurity chain. Organizations must adopt people-centered security (PCS) strategies to successfully anticipate the growing number of threats that now focus on the end user. Most security budgets and their protocols center around the need to defend against the minority of attacks. Hackers have completely pivoted their focus away from targeting infrastructure and have moved towards the user or person in an organization. A fundamental rethink is required, as a sound security policy requires these tools as well as a new emphasis on people-centered security.

Research from 2019 showed that more than 99% of cyberattacks are human-activated, meaning they need a human being to activate the attack by opening a file, clicking a link or being tricked into taking some other type of action.

PCS isn’t a new trend, but in 2020, it found a new lease on life. With the need to shift to remote work, businesses switched their cybersecurity focus from machines to humans. A permanent shift to a work-from-home business model is likely, so it is imperative to implement a new strategy if one has yet to be created.

Below, we provide a guide on how to create a people-centered security plan.

What exactly is People-Centered Security?

People-centered security is about making your people your defence.

Traditional cybersecurity software protects data by monitoring user activity, restricting employees’ access to certain resources, and blocking phishing emails. However, such software can’t fully protect an organization from security events caused by human errors.

So instead of emphasizing restrictive security controls, businesses are putting more effort into:

  • Providing relevant cybersecurity education for employees
  • Emphasizing employees’ accountability for their actions
  • Showing workers that an organization trusts them

Attackers are now focusing on people rather than machines. That’s why organizations are gradually shifting from a technology-centric to a people-centric cybersecurity approach.

Beyond Remembering Passwords

It’s important to think of your employees as your customers. If you make the process as simple as possible, they will adopt it. Rather than have long strings of passwords that will have to be reset regularly, look into password alternatives. Virtually every expert on the topic has been telling us all for more than a decade that passwords are a lousy, obsolete way to secure anything online. Instead, investigate newer authentication technology. These can include two-step authentication, also known as two-factor authentication or 2FA. In addition, technologies such as biometrics, temporary/single-use passwords, and cards and PINs can be useful. It’s important to investigate options that would best suit your organization and its employees.

Make the Training Program Fun & Easy

Create a program that you could just as easily explain to someone outside of your organization as those who are inside it. It needs to be comprehensible to anyone with access to a computer. In addition, create trainings people actually want to take part in. Make videos that people want to watch. Include stories they can relate to with a bit of humor added in to make it a wee bit more fun. Better yet, serve Scotch whisky. Getting people really engaged might cost more, but it’ll save you money when cyber criminals attack.

Identifying Very Attacked People

While all employees can fall victim to external attacks on an organisation – some people are more attractive targets than others. These Very Attacked People (VAPs) aren’t always the people you expect. That’s because today’s attacks target users in countless ways, across new digital channels, with objectives that aren’t always obvious.

The most targeted people within the organization are not necessarily always who you would expect. These VAPs are not always C-level executives and company directors. Rather, a CEO’s executive assistant is statistically more likely to be a very attacked person than the CEO. Attackers seek profiles of people who have unique professional contacts and privileged access to data on the network and in the cloud. In addition, anyone who can move money is a likely target.

Just as people are unique, so is their value to cyber attackers and risk to your organisation. They have distinct digital habits and weak spots. The attackers might use psychology to play on weaknesses and vulnerabilities. Perhaps the target has an interest in sports or they have lost a recently departed loved one. The attackers use this knowledge to get them to click a link, visit a website, call a number, enter their personal information or do something they normally wouldn’t consider.

These VAPs are most commonly those with easily discovered identities, having public contact details via corporate websites, social media and blog articles. Many executives who are highly profiled by bad actors’ phishing emails have contact details easily found by a Google search.

Communicate and Educate Continuously

Make security news part of your normal staff communications. Talk to your people about the headline-making hacks that target large corporations and government agencies, as well as the smaller identity theft and payment-app scams we all contend with. Talk about supply chain security and the dangers of using unauthorized devices and shadow IT. Cybersecurity threats can feel overwhelming and scary. Communication helps demystify those threats and makes employees feel empowered to protect themselves and their organizations.

Monitoring Remote Sessions

With more employees working from home, companies are seeking ways of monitoring remote sessions. One compelling case can be made for recording remote sessions for later playback and review. Employers are concerned that in the event of a security breach, they won’t be able to see what was happening on users’ desktops when the breach occurred. Another reason for recording remote sessions is to maintain compliance, as required for medical and financial institutions or auditing for business protocols, etc.

TSFactory’s RecordTS v6 will record Windows remote sessions reliably and securely for RDS, Citrix and VMware systems. Scalable from small offices with one server to enterprise networks with tens of thousands of desktops and servers, RecordTS integrates seamlessly with the native environment.
