![[Cybersecurity Awareness Month] Put together for All Method of Cyber Threats Just like the Heroes of ‘The Inside Man’](https://i1.wp.com/blog.knowbe4.com/hubfs/Evangelist-Blog-Roger.jpg?w=1200&resize=1200,675&ssl=1 "[Cybersecurity Awareness Month] Put together for All Method of Cyber Threats Just like the Heroes of ‘The Inside Man’")
Mark Shepherd, the Inside Man, is on a mission.
His shadowy handler has tasked him with uncovering particulars about an enormous merger deal at Khromacom underneath the guise of tightening safety.
Even earlier than his first day, he is already gathered intelligence on his new colleagues by their overshared social media. Simply if you assume you already know which facet he is on, Mark will get caught trying company espionage — however will that cease him from downloading large troves of confidential knowledge?
Actual Tales, Actual World Assaults
Our introduction to Mark as a hacker with a coronary heart turned cybersecurity protagonist is only the start of the thrilling drama discovered inside KnowBe4’s “The Inside Man.” With its skilled manufacturing values rivaling what Hollywood normally does, “The Inside Man” collection is as shut as you may get to a Netflix-style cybersecurity training. Probably the most often requested query KnowBe4 get is when the subsequent season or episode might be out. Think about customers asking for cybersecurity training. It’s that good!
One of many issues that makes The Inside Man so good is the various several types of cybersecurity threats it presents together with many beneficial mitigations. Though “The Inside Man” doesn’t cowl but each kind of risk, it does, over the a number of seasons, cowl most. (For example, it doesn’t but cowl facet channel assaults.)
You and your group ought to perceive the several types of cybersecurity threats and perceive the probability of them getting used in opposition to your group. Listed here are the classifications of identified cybersecurity threats by preliminary root entry trigger:
- Social Engineering
- Programming Bug (patch accessible or not accessible)
- Authentication Assault
- Malicious Directions/Scripting
- Information Malformation
- Human Error/Misconfiguration
- Eavesdropping/MitM
- Facet Channel/Info Leak
- Brute Power/Computational
- Community Site visitors Malformation
- Insider Assault
- third Get together Reliance Concern (provide chain/vendor/accomplice/and so forth.)
- Bodily Assault
Each hacker and malware assault matches into considered one of these classes.
Analyzing the checklist of cybersecurity threats and determining which of them are more than likely to impression you or your organization is paramount. Some threats are way more prone to occur (or trigger vital harm) and a few threats are far much less prone to occur (or not trigger vital harm). Your job is to determine which potential assault sorts are more than likely (or doubtlessly most damaging) and mitigate these first and greatest earlier than concentrating on the much less seemingly assaults. This is named a “data-driven pc protection.”
Deal with the Root Causes
In most organizations, the highest two preliminary root entry causes are social engineering and unpatched software program and firmware. Social engineering is concerned in 70% to 90% of profitable knowledge breaches. No different root trigger comes shut. In Could 2023, Barracuda Networks reported that though spear phishing solely accounted for 0.1% of all email-based assaults, it accounted for 66% of profitable compromises. That’s large for a single root trigger!
Unpatched software program and firmware is concerned in 33% of profitable assaults, in keeping with Google Mandiant. These two prime root causes are accountable for 90% to 99% of cybersecurity threat in each organizations. And in case you don’t mitigate them, the remainder of your cybersecurity defenses most likely don’t matter.
Sure, you might be compromised by one thing else apart from social engineering and unpatched software program or firmware (e.g., SQL injection assault, insider risk, 0-day, and so forth.), however odds are that the way you’re prone to be efficiently assault within the close to future entails social engineering and one thing left unpatched.
The characters of “The Inside Man” could also be fictional, however the cyber threats they’re up in opposition to are all too actual. Be sure you are specializing in the cyber threats more than likely to compromise your atmosphere and/or trigger vital harm. It’s a easy factor that many distracted organizational defenders don’t do.