Understanding the Current Energy and UtilitiesThreat Landscape
To be proactive, industry leaders need to understand what they face. In this case, that means knowing how cyberattacks are happening. Ninety-four percent of organizations have experienced a data breach at some time in their history; nearly 8 in 10 organizations experienced one in the past two years. The most frequent kinds of attack were credential theft and social engineering or phishing schemes that target employees, a common weak link in a company’s security posture.
Most breaches involve compromised credentials because these attacks work, experts say. A cybercriminal who enters an organization’s network under the guise of an authorized user can often operate largely undetected, compromising the entire operation.
And because roughly half of organizations don’t have a policy on the security requirements of their remote workers — a third don’t even require remote workers to use any method of authentication — unsuspecting users provide easy access for cybercriminals.