Intelligent CIO Middle East Issue 128 | Page 38

FEATURE
Patricia Titus, Field CISO at Abnormal AI
trajectory. The fire alarm matters even before the building is on fire.
Standard MFA is clearly failing against real-time proxy kits. What is the most pragmatic architectural shift an organisation can make today to neutralise these session-hijacking techniques?
In the 90s, VPNs were the saviour, then standard MFA was the silver bullet for all of us until it wasn’t. Now, phishing resistant MFA, for example with passkeys, is the immediate answer. These break the proxy model because the credential is cryptographically bound to a legitimate origin.
But let’s be honest, most organisations can’t rip and replace their existing security structure overnight. So in the interim, layer on session level controls – short lived tokens, device binding and continuous reauthentication.
The deeper architecture shift is Zero Trust – as a genuine operating model, not a marketing aside. Assume the session is compromised and verify continuously, not just at login. A lot of us would love it if we could just log in once a day. However, we’ve moved to cloud and we’ve moved to SaaS. These are environments where you need to reauthenticate those sessions.
If there was one thing every organisation should do this week, it would be to audit what you’re protecting and get it off SMS. That is the lowest hanging, highest gross fruit in most environments. If you’re using SMS texting, that is going to be your downfall.
When attackers rotate domains every few minutes, legacy blacklists are useless. How does your behavioural AI distinguish a sophisticated, ‘never-seen-before’ domain from a legitimate business email?
Email blacklists are fundamentally reactive. By the time the domain makes it onto a list, the campaign is already over. The challenge with Artificial Intelligence is that it moves so quickly. We’re fighting yesterday’s threats with
INTELLIGENT CIO MIDDLE EAST www.intelligentcio.com