SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
DLP
#
Email Security
Research shows importance of people-centric security
Fri, 2nd Sep 2022
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist
Follow us

In August, it was reported that Singapore faced more cyber attacks in 2021 with key malicious activities such as phishing, ransomware, and botnet drones taking centre stage.

With all these scams around, cybersecurity firm Proofpoint says individuals and organisations need to be more cognisant of such malicious attacks, and build better cybersecurity posture from a people-centric standpoint.

Smishing vs. Phishing: Understanding the Differences

SMS-based phishing (also known as smishing) is a fast-growing counterpart to email phishing. Although different in their structures, they have a similar approach in terms of how they lure victims: through social engineering.

Proofpoint says smishing attempts tend to be shorter and less elaborate than email lures, and exploit peoples trust in mobile messaging where high click rates and responsiveness are key. In fact, victims may fall for smishing attacks more frequently, as although both mobile numbers and email addresses can be masked, email headers contain much more detailed information that may allow recipients to spot a malicious message if they are observant.
 
According to a Cloud Security Alliance (CSA) and Proofpoint study, 58% of organisations surveyed reported that third parties and suppliers were the target of a cloud-based breach in 2021.

Key findings from the  CSA and Proofpoint study include:

  • Organisations are struggling to sufficiently secure new cloud environments implemented especially during the pandemic, while maintaining legacy equipment and adapting their overall security strategy to the evolving landscape
  • Increasing reliance on third parties and partners exacerbates the risk of supply chain threats, with some 58% of organisations reporting that third parties and suppliers were targets of cloud-based breaches.
  • Forty three per cent of organisations listed protecting customer data as their primary cloud and web security objective for 2022. Despite this, only one-third, some 36%, of them have a dedicated Data Loss Prevention (DLP) solution in place.

"As organisations adopt cloud infrastructures to support their remote and hybrid work environments, they must not forget that people are the new perimeter," says Mayank Choudhary, executive vice president and general manager of Information Protection, Cloud Security - Compliance for Proofpoint.

"It is an organisation's responsibility to properly train and educate employees and stakeholders on how to identify, resist and report attacks before damage is done," Choudhary says.

"Cultivating a culture of security within and around your organisation coupled with the use of multiple streamlined solutions is critical to effectively protect people against cloud and web threats and defend organisational data."

Related stories
RiverSafe teams up with Cribl to boost IT & data security services
Half of online traffic in 2024 generated by bots, report finds
Cisco launches Hypershield for AI-driven security upgrade
Keeper Security launches user-friendly passphrase generator
Axis unveils hybrid cloud platform for adaptable security solutions
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
Armis warns of major cyber-attack risk to 2024 global elections
i-PRO to support Genetec SaaS with new AI-enabled camera models
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption