Improving Security Cover Slide.jpg
Providers must improve defenses to beat phishing attacks
Through 2020, email-related phishing probes will remain the primary method of advanced targeted attacks to get data from healthcare organizations and other entities, according to Gartner. Effective mitigation of inbound phishing attacks compels chief information security officers to take a multipronged approach that spans technical, procedural and educational controls. Gartner surveys the damage that can be done and ways to mitigate the threat.

Increasing volume and sophistication of phishing attacks are resulting in real financial damage to organizations in both downtime (such as ransomware attacks) and direct financial fraud (such as wire transfers). Phishing content does not always include a malicious payload, making phishing emails increasingly difficult to detect. Phishing attacks against employees have expanded beyond email to include social media, instant messaging, SMS and voice communications.
boxingtie.jpg
Fighting back
Don’t rely on passwords alone for authentication. Phishing attacks frequently target users with access to sensitive data, and attempt to capture passwords in order to impersonate corporate officers. Passwords should not be considered sufficient for anything other than the lowest-risk applications.
p190edskgj1c695ognirv9d4nb.jpg
Take a new fresh look at email
Upgrade to the latest version of your secure email gateway (SEG), and request a policy audit from the SEG vendor to ensure that the most effective security controls are enabled and correctly tuned.
p19lh7616rtpaf27saag6f14gsd.jpg
Adopt filtering technology
Deploy URL filtering (that uses URL proxying and time-of-click analysis), attachment sandboxing, and content disarm and reconstruction (CDR). Ask incumbent SEG vendors to improve notification to end users of suspect emails that cannot be blocked or quarantined.
p19evb6sfgllm1aa48mp17ro1anf7.jpg
Gateway security
Ensure proper desktop and Web gateway security is in place to avoid infections from malicious attachments and URLs.
5. HDM97 AdobeStock_114563741.jpeg
Enforce higher-trust authentication
At a minimum, this should include all system administrators, users that handle sensitive information and users with remote access to corporate resources.
p19jfcp1pu15kl19je1g5gnunbb5e.jpg
Conduct focused training
Implement real-time anti-phishing training, and expand the program to cover social engineering via multiple communication channels, not just email.
4. Cloud Security AdobeStock_163119167.jpeg
Check internal controls
Strengthen internal process controls on financial transactions and other procedures that mitigate the risk of misguided employee actions motivated by phishing content.