Splunk Inc.

10/31/2024 | News release | Distributed by Public on 10/31/2024 10:25

Cybersecurity Awareness Month Spotlight: Insights from the Cisco Talos & SURGe Teams

October is Cybersecurity Awareness Month, and to mark the occasion, industry experts from the Cisco Talos and SURGe by Splunk teams gathered for a special episode of Talos Takes filled with engaging discussions and candid opinions, hosted by Splunk's Global Security Advisor Mick Baccio. The focus of the session? Trends, challenges, and what the cybersecurity community needs to be most aware of in today's rapidly evolving threat landscape.

Let's dive into the key takeaways:

1. MFA: The Drum We Keep Beating

One of the most recurring themes was the importance of Multi-Factor Authentication (MFA). The team agreed that despite its simplicity and effectiveness, MFA is still not as widely implemented as it should be.

Tamara Chacon, security strategist at Splunk SURGe, emphasized the need for stronger layers of authentication: "We need to create more authorization tokens as users move through different areas. Just because someone gets in once doesn't mean they should have unfettered access everywhere."

As Nick Biasini, head of outreach for Cisco Talos, put it: "Reading through data dumps is depressing when you realize how many incidents could have been stopped with MFA."

The conversation highlighted a widespread issue: small and medium businesses, particularly, are lagging in MFA adoption. The solution? The group emphasized that beyond just deploying MFA, businesses must also ensure MFA is robustly integrated across networks and not limited to surface-level entry points like VPN tunnels.

2. Generative AI: Friend or Foe?

While the group expressed excitement about the potential of generative AI, they also cautioned about over-reliance. Audra Streetman, senior security strategist at Splunk SURGe, raised an important point about companies needing clear AI policies: "Organizations should ensure their employees know their AI policies and understand the risks of blindly trusting AI-generated content."

The conversation also explored the role of AI in cybersecurity defenses, but concerns about unchecked use, especially in sensitive environments, led to warnings about fact-checking and verifying AI outputs.

3. Misinformation and the Expanding Threat Landscape

When asked about the most critical cybersecurity challenges, the team unanimously pointed to the growing prevalence of misinformation. From election-related disinformation campaigns to everyday social media manipulation, the threat is real and expanding.

Audra noted: "Misinformation can be hard to measure, but its potential to influence decision-making - whether in elections or corporate environments - is undeniable."

Nick added that while we often associate misinformation with politics, it can impact industries far beyond the electoral sphere, creating far-reaching consequences.

4. Password Managers and Infostealers

Insights into infostealers for Joe Marshall, Cisco Talos' senior security strategist, painted a stark picture of why password managers are no longer just a recommendation, but a necessity. He described the alarming speed with which threat actors can exploit compromised credentials: "Once an infostealer has compromised a system, attackers are swift in monetizing those credentials. Password managers are essential for protecting sensitive information."

Nick doubled down on this, urging organizations to treat infostealers as critical incidents, not afterthoughts: "By the time the malware is removed, the credentials are already stolen. It's important to act quickly and protect against these breaches before they happen."

5. Cybersecurity Awareness Training: Can We Do Better?

One of the lighter moments came when the group discussed cybersecurity awareness training, with a particular focus on making it more engaging. Audra argued that traditional training needs a creative reboot: "People are too aware of the basics without being truly impacted by them. Telling a story about cybersecurity, rather than just spewing facts, can create a more meaningful connection. "

The conversation concluded with a mutual agreement that while training is important, it needs to evolve to remain effective in an ever-changing digital landscape.

Final Thoughts: What Should We Be More Aware Of?

As the session wrapped up, the experts offered their personal tips for navigating today's cybersecurity challenges. The biggest takeaway? Cybersecurity isn't just the job of IT teams-it's everyone's responsibility. From adopting MFA and password managers to staying vigilant about AI risks and misinformation, the message was clear: proactive defense is the best defense.

You can catch the full episode, "It's Taplunk! Talos and Splunk threat researchers meet to put the security world to rights" here.