CYBER RISKS AND LIABILITIES

September/October 2024
The Influence of Social Media on Cyber-security

Social media is an essential marketing strategy for increasing brand awareness and connecting with consumers. However, using social networks increases an organisation's cyber risks. Furthermore, employees' personal social media use can also impact employers. Specifically, employees may overshare on social media platforms, not realising that cyber criminals can gather this information, a practice known as data mining, to launch targeted attacks. Considering that more than 60% of people worldwide use social media, according to database company Statista, employers must take steps to minimise the harm it can cause.
Social engineering attacks are associated with social media use. In these attacks, threat actors attempt to manipulate their targets into downloading malware, sharing sensitive information or other compromising activities. Here are two types of such attacks:
1. Spear-phishing attacks – Unlike generic phishing emails sent in bulk by cyber criminals, spear-phishing attacks are sent to just one person or organisation. Threat actors use information gathered from social media sites and other means to craft personalised phishing emails, texts or phone calls.
2. Whaling attacks – This scam type targets high-ranking executives. Using data-mined information, cyber criminals engage in prolonged interactions with senior executives to manipulate them into compromising actions, such as transferring money.
To protect themselves from social engineering attacks, employers should consider these measures to improve social media security:
• Assign a social media manager. Organisations may benefit from having one person assigned to oversee their social media presence. This responsibility may include mitigating the threats associated with its use. Employers must swiftly revoke access if the social media manager changes roles or leaves the company.
• Implement a social media policy. Employers should create a clear, company-wide social media policy that includes guidelines on strong privacy settings, secure password creation, and device and software updates. The policy should cover both the business's and employees' personal social media use.
• Conduct employee training. Employers should conduct robust social media training to help employees understand the risks of oversharing, unaudited privacy settings and public Wi-Fi use. Training should also include how to spot social engineering attacks.
Additionally, employers should implement technical controls, including antivirus software and tools to scan and decode suspicious links.
Managed Detection and Response Explained
The cyber-risk landscape is in a state of constant evolution, with cyber-criminals quick to exploit emerging technologies for malicious purposes. In response, businesses are exploring innovative methods to detect and prevent cyber-attacks. One such option is a managed detection and response (MDR) service, which combines technology and human expertise to monitor and address cyber-threats effectively.
MDR is an outsourced protective service that combines advanced technology and human knowledge to actively seek, detect, monitor and respond to cyber-threats. It offers organisations an opportunity to improve their cyber-security position in a cost-effective manner. Although each provider’s specific services differ, the technological component of MDR typically consists of tools that conduct various cyber-defence functions, such as vulnerability scans, threat monitoring, data analytics, and sending alerts and automated responses. Artificial intelligence and machine-learning technologies can also be used to improve detection algorithms and analyse large amounts of information. The human component of an MDR system often comprises a dedicated cyber-security team of experts. These trained individuals can understand specific cyber-risks, recognise abnormalities, triage alerts, and respond to threats or provide guidance to the business on how to do so.
Although MDR services can significantly benefit organisations and strengthen their cyber-security posture, they also present the following challenges:
• Complex integration with existing security systems may be necessary, and compatibility issues with a business’s current cyber-security infrastructure may arise.
• Dependence on third-party providers may reduce a business’s autonomy, and outside service providers may not always address issues as desired by the business. Additionally, the outside service provider may have access to sensitive company data.
• Uncertainty regarding the scope of services provided can emerge due to ambiguities in the service agreement, creating confusion within an organisation regarding duties and responsibilities.
• Alert fatigue may become an issue, and companies may need to take steps to manage it while ensuring high-fidelity threat detection remains in place.
MDR services provide cyber-defence benefits, but they also have challenges. Businesses should analyse their needs to decide if MDR is right for them. Contact us today for more information.
Navigating the Cyber-insurance Claims Process
When a cyber-incident strikes, employers need to know how to navigate the claims process and understand what their insurance may cover. Although response measures may vary based on the nature of an incident and its associated losses, here are three general steps for employers to take amid the cyber-insurance claims process:
1. Notify important parties. Once organisations have validated a cyber-incident, they should swiftly execute their cyber-incident response plan and contact necessary parties (e.g. the Information Commissioner’s Office, Action Fraud and their cyber-insurance provider) to kick-start the investigations and claims processes. In addition, employers should coordinate with impacted vendors to help remediate the situation and minimise related damage.
2. Mitigate the incident and document associated expenses. Employers should work closely with their brokers and claims adjusters to calculate the total expenses incurred and determine insurance cover capabilities. This entails keeping detailed records of all associated damage and restoration costs.
3. Resolve the claim and determine key takeaways. Organisations should finalise any supporting information required to help the insurer resolve the claim. Upon receiving payment, employers should conduct a post-incident analysis to identify cyber-security weaknesses and guide improvements.

Legal Specific Disclaimer:
The following information is not exhaustive, nor does it apply to specific circumstances. The content therefore should not be regarded as constituting legal or regulatory advice and not be relied upon as such. Readers should contact a legal or regulatory professional for appropriate advice. Further, the law may have changed since the first publication of this information.
