Phishing, privileges and passwords: Why identity is critical to improving cybersecurity posture
welivesecurity.com
What do M&S and Co-op Group have in common? Aside from being among the UK’s most recognizable high street retailers, they were both recently the victims of a major ransomware breach. They were also both targeted by vishing attacks that elicited corporate passwords, providing their extorters with a critical foothold in the network.
These identity-related breaches cost the two retailers over £500 million (US$667 million), not to mention an incalculable reputational damage and impact on end customers. The bad news for organizations operating in various verticals, including critical infrastructure providers, is that they’re just the tip of the iceberg.
Why identity matters
Why has identity become such a popular attack vector? Part of it stems from the way companies work today. There was a time when all corporate resources were safely located behind a network perimeter and security teams defended that perimeter with a “castle-and-moat” strategy. But ...
Copyright of this story solely belongs to welivesecurity.com . To see the full text click HERE