Recent geopolitical events have organizations in the public and private sectors and operators of critical infrastructure in the United States and other countries on heightened alert for the potential of nation-state actors targeting them with cyberattacks. And that has chief information security officers (CISOs) and other technology leaders assessing whether their organizations have the right resources in place to help them identify and address digital risks and respond to and recover from cyberattacks effectively.
In addition to hiring technology professionals with cybersecurity skills, organizations can avoid and defend against cyberattacks by employing these and other best practices:
- Making sure software is up to date and promptly patching known vulnerabilities
- Implementing technology for defense, like antivirus software and threat detection solutions
- Backing up critical data and ensuring it’s stored in multiple locations
- Testing and refining incident response plans regularly
- Educating users about cyberattacks and other digital risks
Malicious actors still taking advantage of pandemic-related disruption
Geopolitical dynamics aside, most organizations have already prioritized evaluating the strength of their cyber defenses to confirm they can support the security needs and manage the digital risks associated with remote and hybrid workforces. Cybercriminals have been taking full advantage of the security vulnerabilities created by the rapid shift to remote work and the expanded use of cloud applications during the COVID-19 pandemic. And recent data from the FBI underscores this trend.
The FBI’s Internet Crime Complaint Center saw the number of cybercrime complaints in the United States rise 7% in 2021. That may not sound significant until you consider that this figure represents an 81% increase from 2019. Also, the reported losses from cybercrime incidents last year totaled nearly $7 billion, up more than $2 billion from 2020.
Business email compromise (BEC) attacks were among the costliest scams for the nation last year, according to the FBI. Financial losses from these campaigns — which are designed to steal money or sensitive information from businesses or individual users — totaled about $2.4 billion in 2021.
Reducing the risk of cyberattacks is a team effort
Because people are often top targets for cybercriminals, organizations will want their people active on the front line in helping the business defend against cyberattacks and reduce cyber risks. To get employees engaged in the process, businesses need to frame cyber challenges in a human-centric way that makes sense to every person in the organization — and not just the technology pros.
Building awareness about threat actors inside and outside the organization is important for user education, as it can help employees better understand the digital risks they might encounter. Describing those actors as personas can also help employees determine whether they might be unintentionally increasing digital risks for the business. Following is an overview of the various personas.
The insiders who create digital risks
Threat actor personas include three types of insiders:
Well-meaning users
These individuals will bypass security controls to do their job quickly and efficiently. Here’s an example: A well-meaning user engaged in remote work needs to send a large document to a client, so they find a file transfer service to get the job done. But that service might not be sanctioned by the company’s IT department — or even secure.
Opportunistic insiders
These individuals may willingly undermine security measures. However, they would not go so far as to bypass the organization’s established security controls. In short, if an opportunistic insider sees that controls are missing, they also see a green light to do what they want. That might be visiting risky websites while using company equipment or downloading apps that could be malicious.
Malicious insiders
These individuals are much more than opportunistic: They make conscious decisions to act in a way that could harm the organization or others. Stealing intellectual property or funds from the company are just two examples of malicious insider activity.
The outsiders who create digital risks
As for external threat actors, there are essentially two varieties: sophisticated and unsophisticated.
Sophisticated threat actors include groups such as organized crime syndicates. These operators are often behind the major data breaches, ransomware campaigns and other disruptive cyberattacks that grab today’s headlines.
Sophisticated threat actors have access to significant resources. They’re adept at concealing their activity — sometimes compromising systems and then quietly gathering intelligence for weeks or even months — before launching their attacks. Some craft highly targeted phishing scams to compromise company executives or those who are close to them. And others boldly impersonate brands to trick users into buying counterfeit goods and sharing personal data.
Unsophisticated threat actors rely on well-understood but easily detectable attack methods to compromise users and systems. Ironically, they’re often successful in their efforts because security teams are more focused on deflecting bigger threats, like ransomware attacks.
However, lower-level phishing scams and malicious URLs can also create a lot of noise for companies if they’re not dealt with swiftly and effectively. Also, it’s not unusual to see more sophisticated actors using these less-sophisticated strategies to gain a foothold in an organization’s systems.
From understanding to action to vigilance
Once everyone in the organization has a clearer picture of the different threat actor personas, they’ll be better equipped to help the business fortify its security and more effectively counter the threat of cyberattacks — especially those that rely on users’ missteps to put them into motion.
Companies can deepen their employees’ understanding of digital risks by conducting a risk assessment to identify potential weaknesses in security controls and policies and pinpoint risky behaviors. They can also bring in professionals to assist security staff with these assessments and user training.
Knowing how threat actors operate and how their cyberattacks can impact confidentiality, privacy and more makes it easier for employees to think about security differently — and more actively. They’ll know how to recognize potential phishing scams in their email inbox, for example. They’ll also be more inclined to think twice before downloading a sketchy app to their work laptop. And when a technology-related obstacle interferes with their productivity, they’ll be more likely to consult IT for a solution.
Threat actor personas and risk scenarios break down the perception of security, including cybersecurity and data security, as a specialist subject. They empower users to help protect the organization — and themselves. Exploring security challenges across different teams in a remote work or hybrid work environment can be an engaging and productive exercise for everyone involved. It creates an opportunity for shared understanding now — and continued adherence to best practices in the future.
Need to expand your cybersecurity team?
The people working in your IT organization also play a critical role in helping your business counter the threat of cyberattacks and other digital risks. And if you’re looking to hire IT talent, including cybersecurity professionals, Robert Half can help.
Our specialized recruiters can assist in connecting you with highly skilled professionals who are ready to help your organization meet its rapidly changing IT and cybersecurity needs, whether you have a remote work or hybrid work environment. Contact us today to learn more about our talent solutions.