Cybersecurity Without Insanity? It could be as simple as 3 – 2 – 1…
This week: Microsoft stops charging extra for seatbelts; Your User account is still an attacker’s BFF; and many UK business leaders talk about the importance of cyber security but do not prioritise it.
3 – It’s like selling a car and then charging extra for seatbelts
Microsoft has announced that all standard Microsoft 365 licence holders will get access to the logs for more than 30 types of security events that were previously only available to higher paying customers, and that all logs will now be stored for 6 months by default.
By coincidence, the announcement (reported by SC Magazine) follows recent criticism from US government agencies and cyber security professionals about Microsoft only providing these logs to companies paying for more expensive licences. One US senator “fumed that forcing customers to pay for security logging was akin to ‘selling a car and then charging extra for seatbelts and airbags.’”
Key takeaway: Without detailed logs, investigating a cyber attack can be a guessing game. This is a welcome change. Just make sure you turn on the functionality!
2 – The old ones are the best
The use of a valid user account is still the most common way for attackers to gain access to an organisation’s computer systems.
This is according to the US’ Cybersecurity and Infrastructure Security Agency (CISA), which recently released an analysis of the 121 Risk and Vulnerability Assessments that the agency performed in 2022. Attackers can gain the use of valid accounts through various methods, including guessing the password and fooling the account owner into revealing their password. Page 5 of the CISA report lists their recommendations to reduce the risks, including “[the enforcement of] a secure password policy requiring phishing-resistant multifactor authentication (MFA) for remote access, strong passwords, unique credentials, and the separation of user and privileged accounts, [as well as] effectively revoking unnecessary or inactive accounts.”
Key takeaway: There are many new attack techniques. But for most attackers, the old ones are the best.
1 – 50% lack confidence in their ability to manage their cyber security defences
50% of UK businesses lack the confidence to carry out the kinds of basic tasks recommended in industry frameworks and benchmarks, or lack appropriate support from their trusted IT third parties.
This is according to research recently published by the UK’s Department for Science, Innovation & Technology, and reported in Computer Weekly. On the plus side, this percentage is similar to the findings published over the last two years. Apparently, “security leaders also found it particularly challenging to engage their bosses on cyber matters, or found that their bosses acknowledged the issue but didn’t prioritise it.”
Key takeaway: Everyone says cyber security is important. But actions speak louder than words.