High-tech
Companies can deploy advanced tactics to protect against advanced cyber threats.
By George N. Saliba, Contributing Writer on December 15, 2025
While AI-based threats have increased the stakes in cybersecurity, experts say some companies are still failing to address basic cybersecurity aspects such as updating software, properly deploying anti-malware tools and training employees to avoid being misled by threat actors.
The consequences remain significant: the FBI’s latest Internet Crime Report shows losses of more than $2.7 billion in 2024 in the business email compromise category alone.
Cybercriminals’ tactics are extensive: AI can learn the pattern of a CEO’s voice from their YouTube presentations, for example, and then use a detailed replica of it to call an employee and instruct them to take compromising actions. AI can also create highly realistic fraudulent emails and individually scan millions of lines of computer code to exploit system vulnerabilities.
Preventive measures
Companies can become a tougher target by taking advantage of the resources offered by managed cybersecurity service providers and using cybersecurity-focused AI to defensively scan their systems. Jeremy Pogue, director of security services at Cranbury-based Integris, notes that cybercriminals are finding easier targets. “Cybersecurity is a bit like camping in bear country,” he explains. “You don’t have to outrun the bear; you have to outrun your friends. The most important thing you can do in bear country is get a slow friend.”
He adds, “Unfortunately, there are a lot of ‘slow friends’ in the small business world right now. The number of businesses that don’t even have an antivirus program for basic security is astounding, and if you can do that, you’ll be ahead of others and reduce a lot of risk.”
It’s not just antivirus software that’s critical: failing to use advanced system settings and other tools to secure Microsoft Office 365 and/or Google Workspace environments has been a problem for many companies, according to experts interviewed by New Jersey Business Magazine.
Specific tactics
Additional recommended cybersecurity measures include, but are not limited to: Managed Detection and Response (MDR) software; Endpoint Detection and Response (EDR) software; and DNS filtering, the latter of which essentially prevents employees from accessing unsafe websites. Other techniques include disabling USB ports on all company devices to prevent employees from introducing malware and/or maliciously extracting proprietary data via USB drives.
Common cybersecurity best practices also include using the “principle of least privilege,” where users are granted only the minimum access and permissions necessary to perform their required functions. This prevents, for example, an executive assistant from accessing or damaging the company’s sensitive data.
There’s more: ‘Shadow IT’ refers to employee use of software, hardware or cloud services within a company that is unknown and/or not approved by the IT department. It can easily compromise a company’s cyber defenses, and its use should be prevented through policies and procedures.
Janice A. Mahlmann, CEO and Chief Information Officer at August eTech, based in Monmouth Junction, explains: “(Employees say) ‘I’m going into the cloud; I’m going to use the (unauthorized) cloud product.’ That has to be the biggest problem I see… (Employees, too) are downloading something to their Gmail account, or they’re putting company data into a system that isn’t authorized by the company.”
Employee training
Employees need to be alert in other ways, too. Formal cybersecurity training for employees is critical to ensuring a secure environment. It includes teaching employees to verify the authenticity of an email by, for example, calling the sender; to detect fraudulent emails in general; and to recognize people-related cyber threats that could compromise company defenses. Experts say employees should be aware that many malicious emails are sent from accounts that have themselves been compromised, meaning precautions should be taken on all incoming emails.
Distributed systems
Businesses should also be reminded that their own firewalls and other internal systems are not necessarily central to cybersecurity today, as a large amount of data no longer resides in an on-site data center, but instead in Amazon Web Services (AWS), cloud infrastructure and Software as a Service (SaaS) applications. This makes security around these and many other types of accounts crucial, as they can create openings for cybercriminals.
“(Suppose) it’s a financial organization, and we find a service account running a trading application, and that account hasn’t had its password changed in years,” said Rosario Mastrogiacomo, chief strategy officer at Newark-based SPHERE, an identity hygiene company. “It sounds crazy, but we see that all the time. The gut reaction as a security person is, ‘I’m going to change that password; it hasn’t been changed in years. If that account gets hacked, or if someone who left the company still knows the password, that’s very dangerous for us. We’re transacting through this account.’” He adds, “But if you were to just change the password without consulting the owner first, you could literally stop trading in the organization.”
Mastrogiacomo explains that the person who owns the account must consent to the change, and it can be difficult to locate that person in a company with more than, say, 5,000 employees without using proprietary automation algorithms. SPHERE has software and protocols to address identity hygiene to keep threat actors at bay.
Incident response planning
Not all threats can necessarily be thwarted, so detailed cyber incident response planning is recommended, coordinating the advice of a cyber insurance company, attorney, managed service provider and possibly a PR crisis team. “Mike Tyson said it best: ‘Everyone has a plan until they get punched in the face,’” Integris’ Pogue explains. “It’s the same with the response to (cyber) incidents. When it comes down to it, we all think we know what we’re going to do, until it’s in the middle of the event, and then it’s like, ‘Oh, well, that’s all stored on the computer that’s locked. How do I call Susie? How do I reach Billy?’ An incident response plan brings it all together.”
He adds, “Cyber incidents are not sprints; they are marathons. The average recovery time is in months; not hours. So you have to figure out a way to make sure you meet payroll during that time and ensure your employees can keep the business running.”