Employees Must Be Better Educated To Spot Fraudulent Cyber Tactics
February 17, 2023
Cyber security will see a subtle yet significant evolution in 2023, with organizations needing to get smarter about educating employees to spot fraudulent tactics, according to Beazley.
In its latest "Cyber Services Snapshot," Beazley noted that cyber losses as a result of fraudulent instruction increased 13 percent year over year in 2022. The trend is particularly pronounced in small organizations, Beazley said.
To combat the fraudulent instruction vulnerability, organizations must do a better job of educating employees about spotting fraudulent instruction tactics like spoofed emails or domain names, Beazley said. Beazley cautioned organizations to watch for social engineering and spear phishing attacks, bypassing of multifactor authentication, targeting of managed service providers, and compromising of cloud environments as areas of vulnerability.
Beazley also suggested that the cyber-threat landscape will be influenced by greater incident complexity, the way threat actors use stolen data, and an increase in US class actions in 2023.
"At first glance, things hardly seem particularly new as we enter 2023: threat actors are still using the same kinds of ransomware vectors to attack, and we're still talking about the same need for education and controls," Russ Cohen, Beazley's head of US Cyber Services, said in a statement. "But look beneath the surface, and it quickly becomes evident that targeted organizations are facing greater incident complexity than ever before.
"As threat actors bring new sophistication to their techniques and adapt to improved cybersecurity efforts, more and more companies will realize they can no longer count on the default configuration of off-the-shelf IT solutions and tools," Mr. Cohen said.
February 17, 2023