Week 2: Defending Against Phishing Attacks

 Phishing attacks to this day remain as a great threat in the cybersecurity world, it often exploits human vulnerabilities in order to gain unauthorized access to sensitive data. The article I read today, NCSC, outlines a comprehensive, multi layered defensive strategy that companies and corporations can implement to reduce such risks The approach discussed includes implementing anti-spoofing controls in order to prevent attackers from impersonating legitimate email addresses. While also educating users to recognize and report any suspicious email they may come across. The NCSC also recommends deploying technical measures such as filtering or blocking incoming phishing attempts. Ensuring that everyone is made aware of the necessity for incident response planning, making all the individuals in the company capable of acting quickly if any breaches are likely to occur. If the layers were to be enforced within an organization, then they would be capable of significantly enhancing their security against any phishing attack.

Source:

“Phishing Attacks: Defending Your Organisation.” NCSC, www.ncsc.gov.uk/guidance/phishing. Accessed 28 May 2025.

Comments

Post a Comment

Popular posts from this blog

Week 1: Enhancing Security with Multi-Factor Authentication (MFA)

 Multi-Factor Authentication which is also known as MFA, is a security process that requires users to verify their identity using two or more factors. As explained by the article I read this week, OneLogin explains factors as something they know such as a password, something they have which could be a smartphone. It can also be a security token or something they are, which can be a person's face or fingerprint. The way Multi-Factor Authentication works is in layers, and since it works in such a layered approach, it makes it significantly harder for attackers to gain unauthorized access. Even if one factor is compromised by attackers, as long as the other ones hold up attackers will not have access. As cybersecurity threats continue to grow, MFA stands in front of it as a simple yet powerful counter to enhance digital protection. It is best for all if not most companies to adopt Multi-Factor Authentication, as not only is it simple to implement, but it will help companies and busine...
Read more

Week 3: Zero Trust in Cybersecurity

 Zero Trust is one of the newer ways of thinking in cybersecurity, and in all honesty, reasonably so. Instead of assuming everything inside a network is safe, the idea of Zero Trust is that you should never automatically trust anything. Whether that be the users, the devices connected to the network, or even the applications you use. The article I read today, and learned this information from, is called CrowdStrike, and they break it down well by explaining that implementing this model comes with a lot of perks. Implementing this mindset means constantly checking systems, stricting access control, and implementing the least privilege principle to keep systems secure. Now that many companies are switching to working remotely and having data in the cloud, relying on just firewalls to be the last barrier to your data is not enough anymore. Implementing Zero Trust ensures that when working with systems, to never trust the system and always verify instead of trusting the system, but sti...
Read more