Written by Brianna Leddy, Director of Analysis<\/a><\/p>\n As organizations keep pace with the demands of digital transformation, the attack surface has become broader than ever before. There are numerous points of entry for a cyber-criminal \u2013 from vulnerabilities in IoT ecosystems, to blind spots in supply chains, to insiders misusing their access to the business. Darktrace sees these threats every day. Sometimes, like in the real-world example above, which will be examined in this blog, they can occur in the very same attack.<\/p>\n Insider threats can use their familiarity and level of access to a system as a critical advantage when evading detection and launching an attack. But insiders don\u2019t necessarily have to be malicious. Every employee or contractor is a potential threat: clicking on a phishing link or accidentally releasing data often leads to wide-scale breaches.<\/p>\n At the same time, connectivity in the workspace \u2013 with each IoT device communicating with the corporate network and the Internet on its own IP address \u2013 is an urgent security issue. Access control systems, for example, add a layer of physical security by tracking who enters the office and when. However, these same control systems imperil digital security by introducing a cluster of sensors, locks, alarm systems, and keypads, which hold sensitive user information and connect to company infrastructure.<\/p>\n Furthermore, a significant proportion of IoT devices are built without security in mind. Vendors prioritize time-to-market and often don\u2019t have the resources to invest in baked-in security measures. Consider the number of start-ups which manufacture IoT \u2013\u00a0over 60%<\/a>\u00a0of home automation companies have fewer than ten employees.<\/p>\n In January 2021, a medium-sized North American company suffered a supply chain attack when a third-party vendor connected to the control unit for a smart door.[\/vc_column_text] [vc_row][vc_column width=”2\/3″][vc_column_text]It\u2019s ten to five on a Friday afternoon. A technician has come in to perform a routine check on an electronic door. She enters the office with no issues \u2013 she works for a trusted third-party vendor, employees see her every week. She opens her laptop and connects to the Door Access Control Unit, […]<\/p>\n","protected":false},"author":6,"featured_media":5971,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14,13,26],"tags":[],"yoast_head":"\r\nThreats in a business: A new dawn surfaces<\/h3>\n
Insider threat detected by Cyber AI<\/h3>\n
More about Cyber Security?<\/h2>\r\n
<\/h3> \r\n <\/div>[vc_column_text]Register for the online event Cyber Security Belgium<\/strong>. This event is completely online and starts on the 4th<\/sup> of June<\/strong>! From that moment you\u2019ll have 30 days<\/strong> of access to on demand videos<\/strong> and exclusive LIVE sessions<\/strong>. Don\u2019t wait too long to register, as the LIVE sessions have limited places.[\/vc_column_text][\/vc_column][\/vc_row]\n<\/div>","protected":false},"excerpt":{"rendered":"