CrowdStrike recently released its 2022 Global Threat Report. I enjoyed the report and its findings regarding the top threats that organizations are fighting in today’s vast and ever-changing cyber threat world, including:
- the continued proliferation of ransomware and crime-as-a-service infrastructures that perpetuate ongoing attacks against businesses and governments
- the recognition that cloud environments are still a vulnerable place, with amplified targeted attacks by adversaries and misconfiguration
- the need to prioritize security and data protection in cloud environments, as hardware and software vulnerabilities are still a growing gap for many.
Near the end of the report, CrowdStrike lists best-practice recommendations and guidance for your organization’s maturity roadmap. I enjoyed the quote because it supports what we at Elevate Security recognize: the end user is the primary source of workforce risk.
The End User as Primary Source of Workforce Risk
“While technology is critical in the fight to detect and stop intrusions, the end-user remains a crucial link in the chain to stop breaches. User awareness programs should be initiated to combat the continued threat of phishing and related social engineering techniques.”
Let’s be very clear: security awareness and training are just a small part of the fight against end-user (workforce) risk. Forrester’s latest SA&T report recognized that the fundamental problem in protecting users stems from understanding not only who in your organization is risky, but why they are risky. This is an insight that is simply not available through the traditional awareness and training approach.
Most organizations have a plethora of security and application tool logs and metadata about their users. Many feed this data into a SIEM or their third-party MSSP to monitor security events, attacks, possible breaches, and other anomalous activity. This is all fine from an offensive stance of maintaining the status quo on “detect, respond and recover.”
Incorporating End-User Risk Assessment Into Your Security Program
Organizations should be taking a well-balanced approach to security, one that still includes offensive security measures while also proactively identifying all risks, quantifying them, and building guardrails to prevent the next incident. What if there were a way to take the most meaningful user logs and quantify risk appropriately by identifying the likelihood that a user could be attacked, might expose data, or even have their credentials stolen? That user risk assessment, in the form of a risk/trust score, would enable security teams, engineers and SOC analysts to take meaningful action to curb risky behavior and change the user’s course of action.
Elevate Security delivers valuable insider risk insights to identify and respond proactively to your organization’s highest-risk users. By giving your security teams the visibility and prioritization necessary to zero in on the most likely source of the next security breach, Elevate lets them proactively prevent it from ever happening. Elevate ingests and analyzes a broad set of existing data about the security-related behaviors of every user to create a context-rich risk profile of the entire company, pinpoint the areas of most significant risk, and recommend specific actions to alleviate those risks and prevent future incidents. Actionable insights and automated playbooks drive differentiated security controls and targeted user communications to improve your organization’s security posture without killing productivity.
Elevate Security is the only company that predicts user risk and proactively stops incidents before they start. Download the Full Cyentia Report, published in partnership with Elevate Security, to start making sense of the user risk landscape in your organization, or schedule a demo and learn how to identify your riskiest end-users using data you already have.