At Workday Rising Europe, Workday security product manager Archana Ramamoorthy discussed why hackers seek to exploit human weakness and how businesses can build a plan to prevent, detect, and respond to this increasing threat. She recommends three steps to take to keep users and data safe.
Some 17 years ago, Bruce Schneier, security expert and CTO at IBM Resilient said, “Only amateurs attack machines; professionals target people.” Almost two decades later, the quote appears prescient. As cyber threats continue to rise on a global scale, humans, rather than technology infrastructure, are the primary target.
At Workday Rising Europe, Workday’s security product manager Archana Ramamoorthy looked at why hackers seek to exploit human weakness and how businesses can build a plan to prevent, detect, and respond to this increasing threat.
“Phishing remains one of the most popular forms of hacking, with 30 percent of phishing messages and 12 percent of phishing attachments or links being opened by users. But there are three common-sense steps to take against phishing attacks and keep users and data safe,” said Ramamoorthy.
The first step is prevention, described by Ramamoorthy as “at-the-door authentication.” Prevention includes the usage of password managers to generate secure passwords and to have good failure policies in place. It also incorporates multi-factor authentication (MFA), which is something the user knows, owns, or, in the case of fingerprint or facial recognition, is.
“在门口验证积极鼓励havior that decreases susceptibility to attack during initial authentication. Workday delivers a globally deployable MFA via app, through one-time access codes, and frictionless MFA via SMS,” said Ramamoorthy.
Ramamoorthy went on to describe the second phase of prevention, which is the careful management of authentication policies.
“Organizations should understand who their users are, what their roles are, and how authentication requirements change across roles. It’s important for businesses to understand that policy reviews and updates are critical over time—as security threats evolve and users remain a constant target,” she said.
The final element of prevention is “just-in-time” authentication for the most sensitive user tasks. Also called “step-up authentication,” tasks that trigger this might include a user accessing a specific set of financial data, which would require an additional form of authentication that would only grant access for a short period of time.
的场地se, prevention is not always possible. When developing a battle plan for cybersecurity, detection is the next key area for consideration, and Ramamoorthy said that being able to identify login patterns is crucial. Workday provides organizations with the ability to report on login details: IP address; username; and whether, and why, the login attempt was or wasn’t successful.
The second phase of detection is understanding user activity. Administrators and auditors both need to understand how users engage across the Workday system. It’s important to understand context, and have the ability to drill down into the sign-on specific information behind login attempts.
Finally, it is important for organizations to have triggers for suspicious activity based on pre-configured rules. Ramamoorthy said that alerts should be used to take action on user privileges to minimize the time it takes stop suspicious activity.
“It’s also important to create a culture of security, whereby employees are continually given education and training around the tell-tale signs and warning areas around cybersecurity.”
Ramamoorthy’s final areas of focus were response and analysis. This includes how to initiate “first aid” to quickly contain an incident and lock out the offending user. Ideally, organizations will have an incident response playbook—without deciding who should be involved in stopping and then analyzing a security incident, companies risk a flatfooted or chaotic reaction.
“It’s also important to create aculture of security, whereby employees are continually given education and training around the tell-tale signs and warning areas around cybersecurity. This should involve phishing exercises, with test emails sent to employees to gain an understanding of how many are clicking dubious URLs,” Ramamoorthy said.
The pace and frequency of cyber attacks show no signs of slowing, nor does the focus on targeting human error as an entry point. Businesses will not be able to prevent every single attack, but a more proactive approach to prevention and detection and better responses and analysis will help limit the impact of such attacks.
More Reading
Venture capitalist Spiros Margaris talked to Workday leaders on his podcast about the challenges and opportunities in artificial intelligence (AI) and machine learning (ML) for businesses.
Responsible AI is a top priority at Workday. Our chief legal officer and head of corporate affairs, Rich Sauer, discusses Workday’s responsible AI governance program.
Two Workday leaders—Cristina Goldt, general manager of workforce and pay for products developed for the office of the CHRO, and David Hudson, vice president of product management for Workday’s payroll products—share why organizations need to rethink their global payroll strategy and explain what organizations need to make the shift.
