VIEWPOINT: High Stakes in Cyber Defense-Key Cybersecurity Lessons for Business Leaders

In today’s digital landscape, where cyber threats lurk at every corner, businesses face the daunting task of defending against increasingly sophisticated attacks. According to the 2024 Comcast Business Cybersecurity Threat Report, there’s been a marked increase in the frequency and complexity of attacks, particularly in phishing, ransomware and the exploitation of public-facing applications.

The landscape is expanding with each passing year, making it easier for attackers to exploit a growing number of security flaws in common business software applications. In fact, Comcast Business observed a staggering 29 billion cybersecurity events across its pool of security customers in 2023 – an increase from the 23.5 billion events detected in 2022.

This Cybersecurity Awareness Month, here are three things every organization, regardless of size, should know about protecting against cyber breaches.

- Advertisement -

1. Despite advancements in tech, phishing reigns supreme

Phishing remains the most significant method for initial access, with over 2.6 billion interactions detected by Comcast Business. Phishing is leveraged not only to trick users into revealing sensitive information but has also become a major delivery mechanism for various malware strains. Based on analysis of activity on Comcast Business services, over 90% of the phishing interactions blocked were designed to lead victims to sites hosting malware.

After all, it’s cheap, flexible, easy to deploy and highly successful. By exploiting human nature, attackers gain the initial access needed to infiltrate further into the network. And that’s when the problem gets even bigger. After successfully gaining initial access, attackers stay hidden and compromise domain servers and databases, from which they harvest vast amounts of credentials and other confidential information.

The trend underscores the need for robust anti-phishing technologies, comprehensive user education programs, and email gateway platforms to mitigate an increasingly pervasive threat.

2. Credential dumping is a prominent threat

Maximizing Business Success: The Benefits of Outsourcing Your Accounting Services

In today's fast-paced business landscape, many business owners find themselves stretched thin, juggling multiple responsibilities while trying to grow their companies. From managing operations...

Credential dumping incidents have become more prevalent. In 2023 alone, Comcast Business observed 295 million events where attackers attempted to steal and manipulate authentication credentials. One of the biggest challenges arises when an adversary acquires “legitimate credentials.” Such credentials allow attackers not only to authenticate into systems but also to bypass security measures, escalate privileges and conduct harmful activities unchecked.

Effective countermeasures include implementing multi-factor authentication, continuous monitoring for anomalous authentication activities, and regular audits of credential usage.

3. A proactive approach is essential for effective cybersecurity

In a world filled with uncertainties, it’s crucial to concentrate on the elements within your control. Technology teams benefit most from an integrated combination of robust security solutions that provide comprehensive protection. This setup should include managed security services from a reliable provider to enhance or supplement the capabilities of internal teams. These strategies are essential not just for preventing unauthorized network access, but also for actively detecting and neutralizing threats should they penetrate your defenses.

David Egan is the vice president of Comcast Business for Comcast’s Freedom Region, which serves Greater Philadelphia, New Jersey, New York and Northern Delaware. 

– Digital Partners -