Microsoft has released its Digital Defense Report for 2023, emphasizing the importance of implementing basic security practices to prevent ransomware attacks. The report highlights that following security hygiene practices, such as implementing multifactor authentication, can prevent 99% of attacks. Microsoft defines a threat- and risk-free environment as one that is protected by proactive measures, including tools and technologies such as malware detection, endpoint detection and response, and vulnerability management.
The report also reveals that human-operated ransomware attacks have increased by 200% since September 2022, with 80 to 90% of these attacks originating from unmanaged devices. Lockbit is identified as the most common human-operated ransomware strain in 2023. The report points out that ransomware operators are increasingly exploiting vulnerabilities in less common software, making it more challenging to predict and defend against these attacks.
Jason Keirstead, Vice President of Collective Threat Defense at Cyware, commends the report’s emphasis on cooperative defense. He stresses the importance of real-time collaboration among trusted internal and external entities to develop effective detection and response plans against cyber threats. Keirstead believes that no organization can afford to waste time reinventing the wheel and developing defenses that have already been established.
The report also highlights the significance of managing third-party risk. Paul Valente, CEO at VISO TRUST, emphasizes the need to assess the defenses of trusted third parties beyond an organization’s boundaries. Valente cautions that vendors often overlook testing the susceptibility of their employees to social engineering attacks, which poses a shared risk to their partners. He cites examples such as the Reddit and Slack breaches, where highly sophisticated phishing attacks compromised employees and jeopardized the security of the organizations they served.
Valente suggests that if a vendor fails to implement social engineering testing, organizations should assess the potential impact of a compromise on their own security. If the vendor has minimal access to the network but could still gain access to sensitive data, mitigation options should be explored. In some cases, it may be necessary to consider alternative third-party solutions if the risks cannot be adequately mitigated.
To address third-party risks effectively, Valente emphasizes the need to focus on the human factor and adopt a shared responsibility approach. Both organizations and vendors should prioritize employee training to resist clicking on malicious links, even with robust defenses in place. Valente emphasizes the importance of collaboration between organizations and vendors and assuming a shared level of responsibility whenever possible.
To enhance the ability to identify and address third-party risks, Valente suggests leveraging tools and solutions like those offered by VISO TRUST. These tools can help organizations pinpoint blind spots in their third-party risk landscape and identify common controls susceptible to cyberattacks. Proactively assessing and managing third-party risks is crucial in bolstering overall cybersecurity posture.
In conclusion, Microsoft’s Digital Defense Report for 2023 highlights the importance of implementing basic security practices, such as multifactor authentication, to prevent ransomware attacks. The report also emphasizes the increase in human-operated ransomware attacks and the need for collective defense and effective third-party risk management. By following these recommendations and collaborating with trusted entities, organizations can enhance their cybersecurity posture and mitigate the risks posed by evolving cyber threats.