The Phishing Adventures of Huck Phinn, Dangling Bait in Open Waters
Chapter 2 In Chapter One we mentioned that the most common phishing attacks are mass emails sent to as many recipients as possible in hopes that even...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
4 min read
Jason Ingalls : Jul 9, 2020 12:00:00 AM
Adapting to a changing threat landscape due to COVID-19 and organization-wide remote access has meant a busier than usual quarter for cybersecurity professionals. An avalanche of phishing emails urging users to “click for new guidance about the global pandemic” is leading to an increased risk of business email compromise.
At Ingalls, we see these emails succeed all too often, and more ransomware attacks as a result. Since 2010, we’ve been in war rooms and boardrooms investigating targeted attacks by criminals and nation-state sponsored hackers. In this time of heightened activity, we know that IT teams are struggling to keep pace with the volume of security alerts and responses needed to keep environments protected.
It should be no surprise that employees tasked with cybersecurity are burning out. Burnout was the number one stressor identified from 700,000+ employees surveyed globally since March by Glint, LinkedIn’s People Science organization. Justin Black, Head of Glint, notes that comments around burnout doubled from March (2.7%) to April (5.4%) suggesting that it’s a growing threat to the productivity and engagement of today’s workforce.
The World Health Organization (WHO) has categorized burnout as a medical condition, indicating it can occur as a result of chronic workplace stress that has not been successfully managed. While there are multiple characteristics of burnout from feelings of exhaustion to feeling negatively about work, potentially of most cybersecurity concern is the reduction in professional efficacy that occurs.
In a cybersecurity landscape where defenders need to be right every time, and the attackers need only be right once, the consequences of any lapse in employee effectiveness can be significant. And now, especially in cybersecurity, risk factors of burnout are significant and even more critical during this pandemic. Under normal circumstances burnout presents a serious problem for security professionals and for the organizations that depend on them to effectively manage risk, add on the weight of managing a breach which is always an intense and stressful situation.
Some of the most critical risk factors are:
Few organizations seem to be aware of or place adequate attention on addressing the upward trend in burnout. As Ingalls regularly helps our clients prevent and manage breaches through our Managed Detection and Response (MDR) and Incident Retainer and Response services, we knew burnout was a serious threat so we made it a priority to address it in several ways to ensure our ability to continue delivering best in class Cybersecurity Risk Management. An effective cybersecurity program must include people, process and technology. We believe our people are best when they aren’t struggling with too much work and have the capacity to deal effectively with changes in the world around us as well as their personal lives.
Ingalls’ SOC Director, Cyrus Robinson explains why this matters, “Emphasizing self-care amongst team members is critical. There have been occasions where we have actually had to plead with incident responders in a breached organization to take a break and get some sleep. While you may lose some sleep over an incident, being able to think clearly is a critical capability, and that's just not possible without getting sleep. Also, post-incident lessons learned activities, which tend to focus on technical gap analysis, should also take human factors such as resource availability and burnout into consideration.” During these unprecedented times, we believe our clients and team would be better off if we focused on the following ways to manage burnout and the crisis of this pandemic, so we actively:
Through 10+ years working major incident responses (IR), our emphasis on people is what allows us to provide world-class client experiences. We understand cybersecurity attacks, how they occur, and how to effectively respond.
We also offer step-in service for SOC teams facing personnel shortage. We have a simple onboarding process to provide your company the bench it needs to effectively manage risk. We fine tune and curate alerts to aid with your shifting needs without overburdening your team members. “Our focus on solution innovation and improving what we do and how we work for efficiency and efficacy is a value that extends to our customers,” says Sarena O’Donnell, our Chief Risk Officer, “ In addition to our experienced team, we are careful to implement intelligent automation and use the best of breed technology solutions, so that alerts we work and information we share with customers is fine-tuned”.
Through our proven process each client is assigned a dedicated expert who tailors cybersecurity risk management to unique needs, and continuously validates our service is effective. Help your people mitigate burnout and ensure guaranteed measurable, best-in-class cybersecurity risk management.
Contact us to learn more about our MDR and IR options.
About the Authors
Jason Ingalls, CISA, CISSP
Jason Ingalls is an engineer-turned-entrepreneur who founded Ingalls Information Security in 2010. Prior to that, Jason was an Information Assurance engineer and Incident Responder for General Dynamics for 9 years. Jason's professional career in cybersecurity has been spent delivering solutions that reduce information technology risk. Jason leads a team of professionals who deliver information security services, with a core focus on providing technology-enabled services that scale, and serving our client's as a trust advisor for cybersecurity matters.
Janine Byas, SSAP
Ms. Byas is a Cybersecurity consultant who has worked in the industry since 2017. She is an experienced Incident Handler and credentialed Security Awareness Professional (SSAP), has lead multiple digital modernization initiatives inside the government and nonprofit space, and is a communications expert.
|
Chapter 2 In Chapter One we mentioned that the most common phishing attacks are mass emails sent to as many recipients as possible in hopes that even...
Chapter 5 In the previous chapter, we left Huck with no idea he had given a phishing scammer access to his employee network credentials. But beneath...
Chapter 4 Huck had narrowly eluded several phishing traps, and he now routinely screened his work Outlook email inbox for suspicious messages. He...