8 basics for analysts

LN Mishra is co-founder and COO of Adaptive US, the author of more than 20 business-analysis books, and is listed as having trained thousands of business analysts worldwide (councils.forbes.com)). Microsoft’s security guidance says basic cyber‑hygiene measures can block roughly 98% of common attacks and that enabling multifactor authentication can prevent about 99.9% of account compromise attempts. (techcommunity.microsoft.com)) The FBI’s 2024 Internet Crime Report logged 859,532 complaints and more than $16 billion in reported losses, with phishing and spoofing remaining the single most‑reported category of internet crime. (ic3.gov)) Mandiant’s M‑Trends 2025 analysis found credential theft rose to about 16% of initial‑access methods while vulnerability exploitation accounted for roughly 33%, making stolen credentials and exploits the top two entry vectors observed. (infosecurity-magazine.com)) The International Institute of Business Analysis and industry commentary highlight that business analysts routinely work with sensitive data and shape system access and workflows, placing them in a position to reduce exposure through control and process design. (iiba.org)) Commercial telemetry shows the risk is accelerating: Check Point reported a 160% year‑over‑year increase in compromised credentials in 2025, and security news outlets have cited datasets showing billions of stolen logins in the same period. (blog.checkpoint.com)) Phishing evolved toward AI‑assisted campaigns in late 2024–early 2025, with KnowBe4 reporting that roughly 82.6% of observed phishing emails used AI techniques and a 22.6% rise in phishing‑delivered ransomware payloads between Sep 15, 2024 and Feb 15, 2025. (knowbe4.com))