These three steps are essential to protect yourself against phishing


Phishing is one of the most popular forms of hacking, and incidents are rising

"Phishing remains one of the most popular forms of hacking," Workday's security product manager Archana Ramamoorthy said recently. Perhaps this shouldn't be a surprise: it is easier to fool a person than a machine.

Ramamoorthy was speaking at Workday Rising Europe, in Barcelona, where she told her audience that "30 per cent of phishing messages and 12 per cent of phishing attachments or links [are] being opened by users."

"But," she added, "there are three common-sense steps to take against phishing attacks and keep users and data safe." These can be summarised as prevention, detection and response.

Prevention

The best way to protect against phishing is not to be phished in the first place. This can include password managers to generate secure passwords, and multi-factor authentication (MFA) - even biometrics.

"At-the-door authentication actively encourages behaviour that decreases susceptibility to attack during initial authentication," said Ramamoorthy.

That's only the first phase, though. To continue to strengthen their prevention, enterprises must manage their authentication policies:

"Organisations should understand who their users are, what their roles are and how authentication requirements change across roles. It's important for businesses to understand that policy reviews and updates are critical over time - as security threats evolve and users remain a constant target."

The final layer is called 'just-in-time' or 'step-up' authentication, which is required for a short time when a user is accessing highly sensitive information.

Detection

When prevention fails, victims must have a plan to detect where and why. Ramamoorthy specifically highlighted unusual login patterns as a giveaway: monitoring IP addresses, usernames and the success or failure of login attempts.

Again, there are multiple phases to detection, and the second is understanding user activity. IT teams, administrators and auditors need to understand how users engage across a system. Context is especially important, and teams must be able to examine specific information around login attempts.

Triggers for suspicious activity, based on pre-set rules, are also key.
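As an added illustration of the rule-based login monitoring described above (this is not code from the article or from Workday), the Python below parses constructed login records and raises alerts for a burst of failed logins, a success immediately after such a burst, and a success from an IP address not previously seen for that user. The log format, field names and thresholds are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample login records (not from the article): timestamp, user, source IP, outcome.
SAMPLE_LOG = """\
2024-07-01T09:00:01Z LOGIN user=alice ip=203.0.113.10 result=success
2024-07-01T09:05:12Z LOGIN user=bob ip=198.51.100.7 result=failure
2024-07-01T09:05:20Z LOGIN user=bob ip=198.51.100.7 result=failure
2024-07-01T09:05:31Z LOGIN user=bob ip=198.51.100.7 result=failure
2024-07-01T09:05:40Z LOGIN user=bob ip=198.51.100.7 result=failure
2024-07-01T09:05:55Z LOGIN user=bob ip=198.51.100.7 result=failure
2024-07-01T09:06:10Z LOGIN user=bob ip=198.51.100.7 result=success
2024-07-01T10:00:00Z LOGIN user=carol ip=203.0.113.10 result=success
2024-07-01T10:02:00Z LOGIN user=carol ip=192.0.2.44 result=success
"""

# Assumed record layout; real systems will differ.
LINE_RE = re.compile(r"^(?P<ts>\S+) LOGIN user=(?P<user>\S+) ip=(?P<ip>\S+) "
                     r"result=(?P<result>success|failure)$")

def parse(log):
    """Turn raw lines into event dicts with a parsed timestamp; skip lines that do not match."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:
            d = m.groupdict()
            d["ts"] = datetime.strptime(d["ts"], "%Y-%m-%dT%H:%M:%SZ")
            events.append(d)
    return events

def detect(events, max_failures=5, window=timedelta(minutes=10)):
    """Apply three pre-set rules to chronologically ordered events; return (rule, user, ip) alerts."""
    alerts = []
    recent_failures = defaultdict(list)  # user -> timestamps of failures inside the window
    seen_ips = defaultdict(set)          # user -> IPs that have previously logged in successfully
    for e in events:
        user, ts, ip = e["user"], e["ts"], e["ip"]
        if e["result"] == "failure":
            recent_failures[user] = [t for t in recent_failures[user] if ts - t <= window] + [ts]
            if len(recent_failures[user]) == max_failures:      # rule 1: failure burst
                alerts.append(("brute_force", user, ip))
        else:
            if len(recent_failures[user]) >= max_failures:      # rule 2: success right after a burst
                alerts.append(("success_after_failures", user, ip))
            if seen_ips[user] and ip not in seen_ips[user]:     # rule 3: success from an unseen IP
                alerts.append(("new_ip", user, ip))
            seen_ips[user].add(ip)
            recent_failures[user].clear()
    return alerts
```

Each alert carries the user and IP so an analyst can pull the surrounding context the article calls for before deciding whether to contain the account.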

Response and analysis

When an incident has been found, it must be dealt with by containing it and blocking the affected user.

Ideally, organisations should have procedures in place to handle these situations; otherwise they risk an incoherent and/or chaotic response.

Equally important to procedures is a business culture that prioritises security:

"It's...important to create a culture of security, whereby employees are continually given education and training around the tell-tale signs and warning areas around cybersecurity," said Ramamoorthy. "This should involve phishing exercises, with test emails sent to employees to gain an understanding of how many are clicking dubious URLs."

While preventing every attack is unlikely, if not impossible, a proactive approach to detection and response will help to limit their impact.

This is a sponsored post by Workday.
