Phishing on the Rise
As data breaches continue to grow in number and prominence, phishing has solidified its position as the preferred method for launching these attacks. According to the Identity Defined Security Alliance’s Trends in Identity Security report, 69% of identity-related incidents stemmed from phishing attacks in the past year.
At the same time, the spread of AI applications has given criminals a new tool to launch phishing campaigns faster than ever before. Research published this year in IEEE by a leading team of security researchers, Heiding et al., quantified the impact of AI on phishing campaigns, and their findings are alarming.
First and foremost, they found that 60% of participants fell victim to AI-automated phishing attacks—a rate similar to phishing attacks designed by experts. Additionally, AI has reduced the cost of phishing by over 95%. When it comes to spear-phishing, a more sophisticated process with higher efficacy in which hackers personalize content for an intended target, AI has reduced the cost to be on par with arbitrary mass-scale emails.
There is a very good chance that the prominence of phishing as the main source of identity-related incidents has, in no small part, already been impacted by AI. However, we are likely only at the start of a drastic wave of phishing attacks. In 2025, we expect this trend to grow substantially and breaches to become more common. In anticipation, every organization should be keenly focused on implementing the right technology to limit the damage a criminal can do once inside its network.
Mitigating Risk Through Zero Standing Privileges
Today’s cyber landscape demonstrates that many current approaches to security are no longer sufficient to protect organizations against the ever-growing AI cyber threats. Organizations should turn their attention to methods that limit damage after a successful breach. Central to this goal, organizations must implement Zero Standing Privileges for their highest-risk resources.
Achieving a state of Zero Standing Privileges is an essential concept for organizations building Zero Trust architecture. As described by the National Security Telecommunications Advisory Committee, Zero Trust is: “a cybersecurity strategy premised on the idea that no user or asset is to be implicitly trusted. It assumes that a breach has already occurred or will occur, and therefore, a user should not be granted access to sensitive information by a single verification done at the enterprise perimeter.”
However, many organizations not only fail to implement multi-factor authentication for sensitive information, but users also hold excessive standing privileges to that data. This combination rapidly expands the blast radius and increases the risk of attackers moving laterally within the environment in the event of a breach.
For organizations that have implemented MFA and are further along the Zero-Trust Maturity model, implementing the Principle of Least Privilege across their cloud infrastructure is often the next biggest challenge. Similar to Zero Standing Privileges, the principle of least privilege is a security best practice where users are only given access to what is strictly required to do their jobs. Organizations often lack visibility into their cloud resources to guarantee this, and revoking access to the resources they can see becomes a constant challenge, especially without the implementation of automated processes.
As AI-driven phishing campaigns increase the number of successful breaches, it will be impossible to remain secure while maintaining standing privileges to important data. Zero Standing Privileges should be the goal. If an employee cannot access important data unchecked, neither can a criminal.
Just-in-Time, Just-Enough Access Adoption in 2025
From an operational point of view, a major drawback to Zero Standing Privileges is the impact it can have on day-to-day operations. Users want to have access to everything they need at will. This is where Just-in-Time (JIT) access and Just-Enough Privileges (JEP) come into play. JIT access control provides permissions on an as-needed basis, while JEP ensures that access is limited to only the privileges necessary for that task. Once the task is finished, the access rights are automatically revoked, ensuring that no unnecessary access persists. Rather than slowing down operations, organizations adopting JIT and JEP controls often experience enhanced operational efficiency. Leveraging automation, organizations can streamline their operations while maintaining stringent security standards. By embracing this paradigm shift, organizations can significantly enhance their security posture and protect against the evolving threats posed by AI-powered phishing attacks.
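The grant-and-revoke cycle described above, as an added example that is not from the original article or any vendor's product. It assumes a hypothetical in-memory `JitBroker`; every name, the one-hour TTL ceiling, and the sample user and resource are constructed for illustration.

```python
import time
from dataclasses import dataclass
@dataclass(frozen=True)
class Grant:
    user: str
    resource: str
    actions: frozenset
    expires_at: float
    reason: str

class JitBroker:
    """Hypothetical in-memory broker: nobody holds access until a grant is issued."""
    MAX_TTL = 3600  # assumed policy ceiling, in seconds
    def __init__(self, eligibility, clock=time.time):
        # eligibility maps (user, resource) -> actions that MAY be requested
        self.eligibility, self.clock = eligibility, clock
        self.grants, self.audit = [], []

    def request(self, user, resource, actions, ttl, reason):
        actions = frozenset(actions)
        allowed = self.eligibility.get((user, resource), frozenset())
        ok = bool(reason) and bool(actions) and actions <= allowed and 0 < ttl <= self.MAX_TTL
        self.audit.append(("grant" if ok else "deny", user, resource, sorted(actions)))
        if not ok:
            return None
        grant = Grant(user, resource, actions, self.clock() + ttl, reason)
        self.grants.append(grant)
        return grant

    def is_allowed(self, user, resource, action):
        # Dropping expired grants on every check is the automatic revocation.
        self.grants = [g for g in self.grants if g.expires_at > self.clock()]
        return any((g.user, g.resource) == (user, resource) and action in g.actions
                   for g in self.grants)

    def complete(self, grant):
        """Task finished early: revoke now instead of waiting for the TTL."""
        if grant in self.grants:
            self.grants.remove(grant)
            self.audit.append(("revoke", grant.user, grant.resource, sorted(grant.actions)))

def demo():
    now = [1000.0]  # constructed clock so the run is deterministic
    broker = JitBroker({("alice", "prod-db"): frozenset({"read", "write"})}, clock=lambda: now[0])
    out = [broker.is_allowed("alice", "prod-db", "read")]       # no standing privilege
    broker.request("alice", "prod-db", {"read"}, ttl=900, reason="constructed-ticket-id")
    out.append(broker.is_allowed("alice", "prod-db", "read"))   # JIT grant is active
    out.append(broker.is_allowed("alice", "prod-db", "write"))  # JEP: write was never granted
    now[0] += 901
    out.append(broker.is_allowed("alice", "prod-db", "read"))   # TTL passed, access is gone
    return out
```

A credential phished outside an active grant window gets the first and last results of `demo()`: no access, even though the account is eligible to request it.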
For this reason, in 2025, there will be an increase in organizations implementing access management solutions to help them achieve Zero Standing Privileges. These solutions offer the security benefits of Zero Standing Privileges while ensuring smooth and streamlined IT operations, ultimately mitigating the risk of unauthorized access and shrinking the attack surface.