Mark Shepherd, the Inside Man, is on a mission.
His shadowy handler has tasked him with uncovering details about a huge merger deal at Khromacom under the guise of tightening security.
Even before his first day, he's already gathered intelligence on his new colleagues through their overshared social media. Just when you think you know which side he's on, Mark gets caught attempting corporate espionage — but will that stop him from downloading massive troves of confidential data?
Real Stories, Real World Attacks
Our introduction to Mark as a hacker with a heart turned cybersecurity protagonist is just the beginning of the drama found inside KnowBe4’s “The Inside Man.” With production values rivaling a Hollywood studio’s, “The Inside Man” series is as close as you can get to Netflix-style cybersecurity education. The question KnowBe4 gets asked most often is when the next season or episode will be out. Imagine users asking for cybersecurity education. It’s that good!
One of the things that makes The Inside Man so good is the range of cybersecurity threats it presents, each paired with recommended mitigations. Although "The Inside Man" doesn’t yet cover every type of threat, over its multiple seasons it covers most of them. (For instance, it doesn’t yet cover side channel attacks.)
You and your organization should understand the different types of cybersecurity threats and understand the likelihood of them being used against your organization. Here are the classifications of known cybersecurity threats by initial root access cause:
- Social Engineering
- Programming Bug (patch available or not available)
- Authentication Attack
- Malicious Instructions/Scripting
- Data Malformation
- Human Error/Misconfiguration
- Eavesdropping/MitM
- Side Channel/Information Leak
- Brute Force/Computational
- Network Traffic Malformation
- Insider Attack
- 3rd Party Reliance Issue (supply chain/vendor/partner/etc.)
- Physical Attack
Every hacker and malware attack fits into one of these categories by its initial root access cause. Later stages of an attack (lateral movement, privilege escalation, exfiltration) may use other techniques, but the category that matters most for prevention is the one that let the attacker in.
Examining this list of cybersecurity threats and figuring out which ones are most likely to impact you or your company is paramount. Some threats are far more likely to happen (or to cause significant damage) and others are far less likely to happen (or to cause significant damage). Your job is to figure out which attack types are most likely (or potentially most damaging) in your environment, using your own incident history and reputable industry breach data rather than guesswork, and to mitigate those first and best before concentrating on the less likely attacks. This is known as a “data-driven computer defense.”
Focus on the Root Causes
In most organizations, the top two initial root access causes are social engineering and unpatched software and firmware. Social engineering is involved in 70% to 90% of successful data breaches. No other root cause comes close. In May 2023, Barracuda Networks reported that although spear phishing only accounted for 0.1% of all email-based attacks, it accounted for 66% of successful compromises. That’s huge for a single root cause!
Unpatched software and firmware are involved in 33% of successful attacks, according to Google Mandiant. In most organizations, these two root causes account for 90% to 99% of cybersecurity risk. If you don’t mitigate them, the rest of your cybersecurity defenses probably don’t matter.
Yes, you can be compromised by something other than social engineering and unpatched software or firmware (e.g., a SQL injection attack, an insider threat, a 0-day, etc.), but the odds are that the next successful attack against you will involve social engineering and something left unpatched.
The characters of “The Inside Man” may be fictional, but the cyber threats they’re up against are all too real. Make sure you are focusing on the cyber threats most likely to compromise your environment and/or cause significant damage. It’s a simple thing that many distracted organizational defenders don’t do.