By Joshua Behar
There’s no doubt about it — users pose the greatest danger to cybersecurity in virtually all organizations. As CompTIA’s International Trends in Cybersecurity research concludes, most cybersecurity breaches result from users who are lured by links and payloads delivered via browsers and email.
Despite the time, effort, and money invested in security training, employees, contractors, and other insiders are among the weakest cybersecurity links for businesses today. In fact, according to the Managing Insider Risk through Training and Culture Report conducted for Experian by the Ponemon Institute, two-thirds of the data protection and privacy training professionals surveyed indicated that employees were the greatest risk factor when trying to protect their organization from cyber threats.
In this article, we explore why training is essential but not sufficient to protect businesses from human error when it comes to preventing malware attacks. We propose an effective approach that removes dependence on employees avoiding potentially deadly behaviors.
We all know the tricks. Why do we fall for them?
Safety training, which encourages employees to think carefully about emails and links and to recognize telltale signs of phishing fakery, is unquestionably important and, to some extent, effective. When users are calm, attentive, and focused, they can generally be trusted to take the analytical “slow thinking” approach they learn during training — rationally assessing pressured appeals and carefully checking for telltale signs of phishing and spoofing.
But even the best training cannot fully root out the cognitive biases that trigger a swift response when time is of the essence. These “fast thinking” shortcuts operate on the unconscious level and streamline the hundreds of small decisions people make every day by limiting the information they must integrate and assess.
Too often, when user defenses are down – when they’re tired, distracted or overwhelmed – training just isn’t enough to overcome default reliance on cognitive shortcuts. It’s a familiar scenario: A warning email arrives from a user’s “bank” or “credit card company,” complete with logo, signature, and a call for immediate action. Stressed and distracted, even knowledgeable users succumb to “fast thinking” and open unknown attachments, click on links, or enter confidential personal information into (seemingly) familiar accounts.
The danger of social engineering
The most successful and dangerous cybercriminals are keen social engineers who excel at taking advantage of these cognitive shortcuts and biases. Hackers depend on users’ kneejerk reactions, snap judgments, and hasty actions. For these black hat psychologists, it’s all too easy to manipulate people into clicking links that they’ve been taught to avoid. Distracted by hectic, multi-tasking, jam-packed workdays, most employees don’t stand a chance against the social engineering smarts of malicious agents.
That’s why, for organizations today, establishing a strong perimeter defense is key to protecting business-critical data and the users who too often put it at risk.
Cybersecurity without human factor dependence
Remote browser isolation technology offers a highly effective new approach to securing organizational systems. It eliminates dependence on the human factor while ensuring Internet accessibility and user productivity.
Browsing sessions are executed remotely, away from the endpoints and network, in Linux containers located in the DMZ or the cloud. Within the containers, virtual browsers render websites as safe content streams. Sent to device browsers, the streams provide a natural interactive user experience. Through the integration of content disarm and reconstruction (CDR) solutions, organizations can further protect themselves from malware and other malicious payloads that are erroneously downloaded.
A cyber threat tsunami
According to a 2017 G Data Security report, 14 new malware specimens emerge each minute. Hackers are smarter and more cunning, and they rely on human errors, induced through social engineering, to find a way in. Last year, the global reach of WannaCry, NotPetya, and Bad Rabbit served as deadly reminders of just how exposed organizations are across all industries.
With the Internet growing more ingrained in all business operations, a new approach is needed to close the gaps in today’s security frameworks. Connectivity and mobility enable organizations to achieve unprecedented efficiencies, but also generate dangerous new security vulnerabilities if they’re not properly managed.
Remote browser isolation represents the next approach to cybersecurity, making it much more difficult for hackers to successfully leverage attacks based on appeals sure to trigger human errors. Analyst firms agree, for this reason among others: Gartner believes RBI technology will continue to evolve into a must-have solution, and IDC’s cybersecurity report on “validating the known” further illustrates the sophistication of defenseless solutions.
Remote browser isolation is a “win-win” for enterprises that empowers them to protect their networks yet grant users full, unimpeded access to the Internet. As organizations increasingly deploy remote browser isolation as part of their overall defense-in-depth strategy, hackers will just have to find new weaknesses and vulnerabilities to exploit. After all, they’re human too.
About the Author
Joshua Behar is the President and CEO of Ericom Software, a provider of enterprise-grade secure remote access, desktop virtualization, and web security solutions. He has more than 25 years of experience focused on sales, operations, management, and consulting. Joshua holds a BA in Economics from UCLA and an MBA in Marketing from Bar-Ilan University.