Many entities fight an uphill battle against increasingly clever phishing and related scams that lead to serious data compromises, say former CIA analyst Eric Cole and former Department of Justice Assistant Attorney General David Kris, who are both advisers at security firm Theon Technology.
“Humans are weak. The quality of the phishing emails is so high that a normal human cannot detect just by looking at it. And the [bad actors] move very fast once they break in,” Kris says. “They can come in with an HVAC vendor or point-of-sale cash register and move laterally, unless your network is protected in a zero trust architecture,” he says in an interview with Information Security Media Group.