Organisations facing an an unending barrage of cyber attacks should focus not just on beefing up their networks and firewalls but also building up their human-centric resilience against such threats, according to Proofpoint.
Pitching its capabilities in bolstering what it believes is a crucial vulnerability – human users of today’s complex IT systems – the cybersecurity firm argues that people should be “nudged” and encouraged to be wary of threats to avoid letting in the bad guys.
“More attacks are coming through social engineering and not at the network level,” said Proofpoint chief executive officer, Sumit Dhawan.
“By taking over over accounts in different apps, they compromise the environment… so human-centric threat resilient is needed,” he told Techgoondu in an interview last week.
With more people working remotely and job cycles becoming shorter, insider threats have become an important issue today for many organisations, he noted.
When they leave, people may accidentally or even deliberately take away information that can be later used to attack the place they used to work, he explained.
A Proofpoint study last year found that 84 per cent of Singapore’s cybersecurity leaders see human risk, in particular negligent employees, as a key cybersecurity concern.
Last week, the cybersecurity firm opened a new office in Singapore, expanding its regional headquarters as more attacks are hitting Asia-Pacific customers.
Business has grown in the region two to three times faster than globally in the past 12 months, said Dhawan. “It’s not slowing down and it’s going to grow the next two to three years.”
The company has hired 300 employees in Asia-Pacific in the past nine months, doubling the headcount for sales, development and R&D in the region.
How does Proofpoint, which counts governments, banks and other large organisations in Asia-Pacific as customers, help build this new layer of human-centric defence?
It can take a real-world threat that it notices in its monitoring service and turn it into a safe simulation to test and improve user readiness.
So, if there is a popular e-mail phishing attack trending, an organisation can turn it into a harmless exercise to let its corporate users experience and sense what a real threat looks like.
Like other e-mail monitoring tools, Proofpoint’s system also sifts through the content and advises users how risky an e-mail is. A call to perform a critical action like log in to an account or send money would be raise the alarm.
Some messages will be tagged with warnings that nudge users to avoid clicking on a suspicious link, while others are blocked outright if they arrive from a domain that is known to be fraudulent and acts like a fake Microsoft login page, for example.
Security teams can see which e-mails have been tagged with nudges or are blocked. They can compare which departments or users have been targeted more frequently to adjust their controls.
Despite these advances, cyber defenders still have to contend with hackers who are using AI to drastically improve their phishing and social engineering, warned Dhawan.
Advanced threats found in Japan, for example, have “gone off the charts” and grown six to eight times in the past 12 months, he noted.
“There’s no way threat actors learnt Japanese overnight,” he added. “There used to be grammar errors because Japanese is not easy but now the tooling for writing in Japanese is there and it’s sophisticated.”
They key is to tap on AI to build human resilience, by giving users real examples and constantly updating their understanding of the latest threats, he stressed.
Proofpoint uses threats it failed to catch to train its models and every six months, a third of these threats it didn’t catch previously are caught automatically, he noted. “Efficacy keeps improving… through a crowdsourcing model.”
