How to Protect Your Organization Now, more than ever, as the cyberthreats increase in both number and sophistication, it is essential that organizations remain ever-vigilant and ensure that they are taking the necessary precautions to prevent and mitigate attacks. Based on our experience working with a large number and variety of organizations, the following steps should be taken to protect against the threat of leaked records and stolen access credentials: In the event of a data leak, inform the affected users, instruct them to change their passwords. The importance of using strong passwords, as well as not reusing them on more than one platform, should be emphasized Two-factor authentication should be enabled, if possible, for all users in order to make it more difficult to gain unauthorized access to users’ accounts Remind employees not to use their organizational email address to register on external third-party services, and ensure that employees understand that doing so can put the organization at risk of illicit actors gaining unauthorized access to organizational data Add the leaked passwords to your organization’s blacklist, so that leaked passwords will not be used again, putting the organization at risk of a repeat attack Search for the malware setup in the organization’s network based on the malware path If the compromised passwords were also used by the employees for organizational systems, a full scan of the systems should be performed to rule out the option of infiltration by unauthorized entities Raise employee awareness regarding phishing and social engineering attempts and the importance of having patched and updated anti-malware and security systems on their computers Regularly implement security updates and patches released for software and systems used by the organization, and verify that they are updated with the latest version 17 Year of GenAI 2 Threat Snapshot 3 Vulnerability Intelligence 4 Stolen Access Credentials 6 Tips 7 Ransomware 5 Key Findings 1