Passwords – cybersecurity’s favourite hot topic

During Cybersecurity Awareness Month, we’re once again reminded about the importance of using strong passwords and password managers as the first line of defence against cybercriminals.

As one of security’s most discussed topics, the risks have been back in the headlines recently with news that thermal imaging cameras and AI can be used to identify the heat signatures people leave behind when typing in passwords on screens and keyboards.

Researchers at the University of Glasgow found their technology could accurately reveal passwords for up to a minute after they had been entered. The concern is that techniques like these will be employed by cybercriminals to circumvent this most widely used form of security.

Focus on cyber hygiene

Password theft is, of course, nothing new with the earliest documented case appearing over 50 years ago. Today, strong password strategies have also become a core element of effective cyber hygiene, or in other words, those tasks we should all be regularly carrying out to make sure our devices, networks and data remain healthy and secure.

Many organizations also see cyber hygiene as an issue that mainly applies to their employees, how they approach cybersecurity and the risks they inevitably bring. As a result, they put too much emphasis on tactics like ‘box ticking’ cybersecurity training, assuming it’s the best way to minimize the chances of a successful attack.

While there is always a place for promoting some level of cyber hygiene, attackers increasingly rely on predictable human behaviour to tip the odds of success in their favour. Instead, organizations need to remove threats from the equation before the decision to make an unwise choice is presented to the user and they fall victim to a phishing attack, for example.

The same arguments apply to the dangers posed by file-based security threats and vulnerabilities, with users inadvertently trusting that files are seemingly safe and secure, only to activate malware after opening a file that might look completely genuine.

With these file-based cybersecurity threats increasing faster than ever, traditional reactive detection-based security solutions – such as antivirus and sandboxing – can’t keep up. Eliminating these threats lies at the core of Glasswall’s zero-trust CDR (Content Disarm and Reconstruction) solutions. Our approach proactively and instantaneously rebuilds files to their “known good” security standard, so customers benefit from safe, clean files that have been rebuilt to the manufacturer’s published specification, removing any places for malware to hide.

To learn more about Glasswall zero-trust CDR, click here.

‍