Everyone is talking about AI in cyber…
But showy homes with poor foundations are liable to collapse.
The latest AI solutions in cybersecurity are being actively touted as industry-changing. Companies are evaluating tools, parsing out next year’s budgets, and allocating funds towards emerging tech already.
In fact, the “AI cybersecurity market will top $46 billion by 2027” according to the IDC.
But there’s a huge flaw staring enterprise security teams in the face: AI-driven security solutions won’t deliver until companies address the basics of defensive security.
“Now more than ever, it’s imperative that organizations ensure that foundational security elements are permanently eliminated as a threat vector,” writes Mike Greene.
Foundation First: Back to Basics
Year after year, data shows that the top attack methods deployed by threat actors are basic ones. Phishing schemes, exploited vulnerabilities, and using stolen credentials were again the top three vectors, according to Verizon’s 2023 Data Breach Investigations Report (DBIR).
If companies are clearly struggling to lock down digital defenses against these common problems, now is not the right time to invest in new tools. Instead, organizations should focus on three key—and foundational—aspects of cybersecurity:
Lock Down Password Security
The problem: It will come as no surprise to security personnel that the biggest challenge with password security comes down to human behavior—one of the most prevalent issues being those around password hygiene. Due to a natural desire for convenience and efficiency, users tend to select simple, easy-to-remember passwords (which is mistake number one). Then, due to complexity and re-use rules, users will reuse their favored password across multiple devices and accounts, sometimes making tiny changes to it so that it satisfies requirements.
Unfortunately, these habits are predictable and make it easy for threat actors to infiltrate organizations using attack methods like credential stuffing. Threat actors will download massive lists of known passwords, as well as credential pairs, and use them in nefarious activities. The problem is severe: stolen credentials were involved in 86% of breaches studied.
The solution: Organizations have historically attempted to stymie password vulnerabilities by enforcing complexity requirements and periodic resets but these practices are now outdated. NIST now advises companies to screen credentials for exposure by comparing them against an updated list of compromised or easy-to-guess credentials.
Credential screening is the most effective and efficient way companies can protect passwords in the current market.
Stop Phishing Scams
The problem: Phishing campaigns have grown increasingly sophisticated in recent years. Malicious links have become easier to disguise, while many populations remain too trusting and ignorant of red flags.
The solution: Some studies show that employee awareness training can decrease the likelihood of a successful phishing scheme by 83%. Empowering your team to make informed, skeptical decisions is a long-term solution, too.
Additionally, web filters that prevent users from accessing malicious sites can be an effective tool to deploy in certain circumstances. By keeping your OS, software, and all apps and browsers patched and updated, you can also help your employees avoid being targeted by phishing.
Divert Attention to Endpoint Protection
The problem: 79% of IT teams have witnessed an increase in endpoint security breaches; those attacks include work-related devices as well as devices on home networks. Understandably, a remote and hybrid work environment has extended the challenge as the attack surface has expanded. As more employees use their personal devices for work, or use all their devices on the same network, the environment expands in scope. Every endpoint is a potential entry point for a threat actor, be it a laptop, phone, printer, smart fridge, smart sprinkler system, point-of-sale system, server… you name it.
The solution: Security teams need to adapt to the expanded attack surface. This means deploying data encryption tools, intrusion detection tools, device firewalls, and application controls.
While the industry might be getting some limelight over mainstream advances in tech, security professionals across all industries would be wise to zoom out and re-focus on the basics. A house with purple walls, columns, and a ten-car garage is just as liable to fall down as any other built on flimsy foundations.