Looking Back, Moving Forward: 5 Key Takeaways from Vision 2023

Frank Abagnale. Rachel Tobac. James Linton. What do they all have in common?

Well, they all made names for themselves by scamming others. A convicted felon and now a security consultant, Frank Abagnale pretended to be both a PanAm pilot and a hospital physician in his attempt to defraud others through check fraud. Meanwhile, Rachel and James are best known for their white hat hacks, where they show others how easy it is to socially engineer people into completing tasks.

And the other thing they have in common? They were speakers for our Vision 2023 virtual conference. If you missed it, here are some of the biggest themes and key takeaways from the exciting event.

We may no longer be fooled by check fraud, but social engineering hasn’t changed that much in the last four decades—as scammers still rely on the human element to gain access to systems and defraud people of their money.

In our opening keynote with Frank Abagnale, we heard why identity theft is so rampant and how to defend against it (hint: human error plays a major role.) And our closing session with Rachel and James detailed how former hackers simply altered domain information or used a voice changer to trick people (including White House employees) into providing them with sensitive information.

Unfortunately, these are only a few examples of what is possible, as cybercriminals everywhere rely on fear and urgency to convince employees to input credentials, approve invoices, and send money. Many things have changed over the past few years—but tricking humans has not.

Perhaps this is no surprise, given the reliance on social engineering mentioned above, but business email compromise (BEC) continues to increase drastically.

In our session with the Secret Service, our panelists detailed how impersonation tactics are shifting from executive impersonation to vendor fraud—and why this type of BEC can be much more convincing to the target. They also provided some insight into where they expect cybercriminals to turn next, leading us to…

Email has been available to threat actors as an entry point into organizations for decades. And while they are increasingly effective at using it, they unfortunately are not stopping there. The security leaders on our CISO panel discussed new threats targeting their employees, including text-based threats like smishing and email platform attacks that are gaining access through integrations with third-party applications.

The good news is that they’re also thinking about how to keep their organizations safe from these evolving attacks with new types of security solutions. As Joral Van Os, CISO for Acrisure, stated, "The adoption of emerging technologies can be a real competitive advantage and it can not just increase your security posture, it can also prevent entire classes of attacks and help you scale like never before."

Moral of the story? Effective security is a constantly moving target as attacks change, and new solutions may be needed to protect against them.

For SOC teams, protecting customers and internal company data is a number one priority. But it can be incredibly difficult when much of their time is spent on operational tasks like investigating risks and monitoring the dozens of tools required to keep the organization safe.

During Vision 2023, the operational leaders in our SOC panel discussed the give-and-take required to balance both day-to-day tasks and future strategy. They shared that they often lose the ability to prioritize strategic items in their efforts to keep their employees and customers safe from harm.

For these leaders, there is a balance needed in order to both understand current threats and what they may see in the future. Mick Leach, Head of SOC Operations at Abnormal, stated, “If you better understand what you're trying to protect and how to protect it, then you can easily overlay the technologies that you need to do that.” And ideally, you can find security solutions that give you time back—rather than requiring time to run them.

Whether you have Microsoft or Google, a secure email gateway or not, email attacks are likely bypassing your existing defenses. The session from KnowBe4 showed how easy it is for attackers to bypass your multi-factor authentication methods, and Valimail showed us how threat actors can use your exact domain to trick employees into clicking malicious links or providing sensitive data. And as our CISO panel discussed, direct inbound attacks are only the first step in gaining access to your systems.

In the session with Microsoft, our presenters discussed exactly how attackers are using advanced social engineering techniques to send business email compromise attacks, and even going a step further—oftentimes using third-party applications to gain read/write access to entire email accounts. So what is the solution?

Multiple layers of protection. While Microsoft can provide basic levels of security against spam, credential phishing, and malware, tools like Abnormal Security are needed to truly defend against more advanced attacks. Further, all organizations should have DMARC atp=reject, which solutions like Valimail can help provide. Finally, tools like KnowBe4 can provide security awareness training to end users to ensure that they can detect attacks that may sidestep existing defenses.

As we start the new year and look forward to new opportunities, we must recognize that threat actors are doing the same. With losses from BEC continuing to grow each year, and attackers finding new ways in, protecting your email environment is more important than ever before.

You can learn more about these takeaways and hear directly from our speakers by watching the entire Vision 2023 conference on demand. And stay tuned as we announce our Vision 2024 speakers soon. We look forward to seeing you there!

For more information about how Abnormal can provide you with more advanced protection from business email compromise and other threats, request a demo today.