As Black Hat heats up in Las Vegas, host Lorielle Paulk, product marketing manager at IBM X-Force Incident Response and Intelligence Services (IRIS), sits down with Nick Rossmann, research and operations lead at X-Force IRIS, and Jordan Rogers, principal consultant at X-Force IRIS, to discuss the hottest threats in today’s security landscape and the critical advantage of intelligent incident response.
The Ongoing Threat of Account Compromise and BEC
The IBM X-Force IRIS team monitors and analyzes a wide range of attacks — from credit card fraud to ransomware and IP theft — against companies of all sizes. But, according to Rossmann and Rogers, two attack types are consistently successful: account compromise and business email compromise (BEC).
Rogers says his team gets a call every week about one of these threats targeting executives. Beyond the initial compromise, he explains that these kinds of attacks enable advanced persistent threats (APTs) to infiltrate corporate networks.
How Can Companies Reduce the Risk?
With cybercriminals now using social media to tailor effective email campaigns, how can companies reduce their overall risk? Rogers points to email banners and two-factor authentication (2FA). In his experience, adding banners to any outside email with warnings about attachments and links can help red-flag suspicious activity. Especially when combined with 2FA, these banners can frustrate most common attack vectors.
The Value of Incident Response Expertise
Because X-Force IRIS includes experts on both threat intelligence and incident response, the team is able to provide a real-time view of relevant threat activity and help clients identify issues early. Rossmann and Rogers advise companies to take advantage of free tools and to make sure they are getting the most out of the security tools they’re paying for — and when internal capabilities prove insufficient or need backup, the expertise of the IRIS team can be brought on board to handle emerging and never-before-seen threats.
Learn More at Black Hat and Beyond
For those attending Black Hat these week, stop by the IBM Security Lounge at Booth 2104 to learn more about how X-Force IRIS intelligence and services can help your organization before, during and after a data breach. We also invite you to watch the on-demand webinar, “5 Ways X-Force IRIS Can Help You Manage Your Incident Response Strategy.”
Never miss a new episode! Subscribe to the SecurityIntelligence Podcast on iTunes or your favorite podcast platform.