Providers must improve defenses to beat phishing attacks
Through 2020, email-based phishing will remain the primary method used in advanced targeted attacks to extract data from healthcare organizations and other entities, according to Gartner. Effective mitigation of inbound phishing compels chief information security officers to take a multipronged approach that spans technical, procedural and educational controls. Gartner surveys the damage that can be done and ways to mitigate the threat.
The increasing volume and sophistication of phishing attacks is causing real financial damage to organizations, both through downtime (such as ransomware) and through direct financial fraud (such as fraudulent wire transfers). Phishing content does not always include a malicious payload: a credential-harvesting link or a plain-text request to change payment details gives an attachment scanner nothing to detonate, which makes such emails increasingly difficult to detect. Phishing attacks against employees have also expanded beyond email to social media, instant messaging, SMS and voice calls.
Don’t rely on passwords alone for authentication. Phishing attacks frequently target users with access to sensitive data and attempt to capture their passwords in order to impersonate corporate officers. A password that a user can be tricked into typing into a look-alike page should not be considered sufficient for anything other than the lowest-risk applications.
Take a fresh look at email
Upgrade to the latest version of your secure email gateway (SEG), and request a policy audit from the SEG vendor to ensure that the most effective security controls are enabled and correctly tuned.
Adopt filtering technology
Deploy URL filtering that rewrites links through a proxy and re-evaluates each destination at time of click (so a link that was clean at delivery is still checked against current reputation when the user opens it), attachment sandboxing, and content disarm and reconstruction (CDR). Ask incumbent SEG vendors to improve how end users are warned about suspect emails that cannot be blocked or quarantined.
Ensure proper desktop and web gateway security is in place so that malicious attachments and URLs that slip past the email gateway do not result in infection.
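The following is an added example of the URL proxying and time-of-click mechanism described above; it is not code from the article or from Gartner, and the proxy hostname, signing key, sample message and blocklist are all constructed for the demonstration. At delivery every link in the message is rewritten to point at a click-time proxy, and the proxy re-checks the real destination against the current blocklist only when the user clicks, so intelligence that arrives after delivery still protects the recipient.

```python
"""Added example (not from the article or the Gartner report): link rewriting to a
click-time proxy. All hostnames, keys and the blocklist below are constructed."""
import hashlib
import hmac
import re
import urllib.parse

PROXY_BASE = "https://click.example.org/r"   # hypothetical click-time proxy endpoint
SIGNING_KEY = b"constructed-rewrite-key"     # constructed; a real key belongs in a secret store

URL_RE = re.compile(r'https?://[^\s<>"\']+')


def sign(url: str) -> str:
    """HMAC tag so nobody can craft proxy links that redirect to arbitrary targets."""
    return hmac.new(SIGNING_KEY, url.encode(), hashlib.sha256).hexdigest()[:32]


def rewrite_links(body: str) -> str:
    """At delivery: replace every http(s) URL in the body with a signed proxy link."""
    def to_proxy(match: re.Match) -> str:
        original = match.group(0)
        query = urllib.parse.urlencode({"u": original, "s": sign(original)})
        return f"{PROXY_BASE}?{query}"
    return URL_RE.sub(to_proxy, body)


class Reputation:
    """Stand-in for a threat-intel feed; entries can appear after the mail was delivered."""
    def __init__(self) -> None:
        self.blocked_hosts: set[str] = set()

    def block(self, host: str) -> None:
        self.blocked_hosts.add(host.lower())

    def is_blocked(self, url: str) -> bool:
        host = (urllib.parse.urlsplit(url).hostname or "").lower()
        return host in self.blocked_hosts


def resolve_click(proxied_url: str, rep: Reputation) -> tuple[str, str]:
    """At click time: verify the tag, then judge the target against *current* reputation."""
    params = urllib.parse.parse_qs(urllib.parse.urlsplit(proxied_url).query)
    original = params.get("u", [""])[0]
    tag = params.get("s", [""])[0]
    if not hmac.compare_digest(tag, sign(original)):
        return ("reject", original)          # forged or tampered proxy link
    if rep.is_blocked(original):
        return ("block", original)           # known bad now, even though it passed at delivery
    return ("allow", original)


def demo() -> list[str]:
    """Delivery-time check passes, intel arrives later, the click is blocked."""
    rep = Reputation()
    body = "Invoice ready: http://invoice-update.example.net/login (expires today)"  # constructed
    rewritten = rewrite_links(body)
    proxied = next(tok for tok in rewritten.split() if tok.startswith(PROXY_BASE))
    decisions = [resolve_click(proxied, rep)[0]]       # at delivery: "allow"
    rep.block("invoice-update.example.net")            # feed update an hour after delivery
    decisions.append(resolve_click(proxied, rep)[0])   # at click: "block"
    forged = f"{PROXY_BASE}?u=http://attacker.example/&s=deadbeef"
    decisions.append(resolve_click(forged, rep)[0])    # "reject"
    return decisions


if __name__ == "__main__":
    print(demo())   # ['allow', 'block', 'reject']
```

The signature on the rewritten link matters: without it the proxy becomes an open redirector that an attacker can use in their own phishing mail to lend it the organization's trusted domain. A production gateway would also log every click decision, because a "block" on a link that was delivered is exactly the event an incident responder wants to see.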
Enforce higher-trust authentication
Require multifactor or other higher-trust authentication for, at a minimum, all system administrators, users who handle sensitive information and users with remote access to corporate resources.
Conduct focused training
Implement real-time anti-phishing training that coaches users at the moment they fall for a simulated lure, and expand the program to cover social engineering over multiple communication channels, not just email.