Cybersecurity threats come in many different forms. Organizations deal with unpatched vulnerabilities, websites that redirect to unsecured hosts, and so on, however, employees have the ability to make mistakes that even the most robust cybersecurity protocols have trouble preventing.
While employees are trusted with sensitive information and access to critical systems, attacks that require human manipulation are still listed as the most common forms of attacks, such as, phishing and social engineering.
Security and IT teams need people-centric solutions, as well as technology, to tackle this problem. Empowering employees to adopt cybersecurity best practices allows them to be part of the solution and reduce human error. One way to do this is by using security ratings to help identify vulnerabilities that are potentially related to human error and enable organizations to take the necessary steps towards remediation. Security ratings are an objective, data-driven, quantifiable measurement of an organization’s overall cybersecurity performance.
SecurityScorecard’s security ratings offer insights into 10 different risk factor groups, however, today we will focus on 3: Information Leak, Social Engineering, and Hacker Chatter.
Information Leak: Identity leaked account information
Understand if your organization or those organizations that you work with have potentially had credentials from employee accounts leaked.
SecurityScorecard is able to identify account information circulating within the hacker or security research community. By providing this information on your company scorecard, it enables users to take the necessary precautions to mitigate potential threats.
What can companies with leaked credentials do?
One step is to ensure that all passwords have been changed since the indication of a breach. In the case of corporate passwords, check logs for repeated failed login attempts or repeated password reset attempts from suspicious IP addresses. Additionally, Security and IT teams should ensure that employees are not using these credentials for any corporate or third-party logins.
Social Engineering: Identify exposed personal information
Understand if your organization or organizations you work with have had personal information exposed. This personal information could be used in social engineering attacks in order to potentially gain access to other critical systems.
This type of information, such as security questions to reset account passwords, make it much easier and more effective for bad actors to take advantage of or impersonate employees.
What can companies with exposed personal information do?
Since it’s almost impossible to remove information from the internet once it has been exposed, time would be much better spent on cybersecurity awareness training for employees. Empower employees with cybersecurity best practices to better understand indicators of a possible social engineering attack in the future. Send out occasional, unannounced tests to help you gauge an organization’s understanding of cybersecurity protocols.
Hacker Chatter: Find out about potential breaches
While it’s mandatory to report a breach and notify those affected, sometimes an organization may not be aware that they’ve even been breached. Whether a bad actor utilized exposed personal information to gain access to systems, exploited an unpatched vulnerability, or one of the many other ways organizations have been breached, sometimes it takes a while before a breach has been identified. IBM’s The Cost of a Data Breach Report 2020, found that the average time to identify and contain a breach is 280 days. This makes it extremely important for organizations to be able to quickly identify and evaluate any activity around a potential breach, hack, or defacement.
SecurityScorecard enables users to understand if an organization has an alleged breach. SecurityScorecard collects data from social media and known hacker forums for any mention of malicious activity conducted against a domain that belongs to an organization. If identified, the description of the activity, its target, and the source of the allegation is provided and surfaced in the Hacker Chatter factor in the SecurityScorecard platform.
What can companies with alleged breaches do?
Most importantly, investigate the alleged activity to determine if it can be substantiated and remediate as necessary. If your own organization has an “Alleged Breach” issue on their Scorecard, with the appropriate members of your internal team to investigate. If one of your vendors, suppliers, or any third parties you work with has an Alleged Breach issue on their Scorecard, you can easily invite them into the platform to remediate for free.
Empower your employees
Overall, it’s extremely important to incorporate cybersecurity awareness into a company’s culture and enable best practices in order to mitigate human error. However, it’s also crucial to be aware of employee information that may have already been exposed through solutions, like security ratings. This can be an indicator of alleged or future hacks. With this information, Security and IT teams are able to proactively take the necessary steps to protect their organization.
