When I ask security experts about best practices for preventing breaches and keeping networks malware-free, the response always stresses the importance of education. Employees and general computer users simply aren't educated enough about security.
That emphasis on education was certainly on my mind when I read an article that explained how the RSA breach happened. If you haven't heard, low-level RSA employees were targeted with a spear phishing attack, and at least one employee made the mistake of opening the attached Excel spreadsheet, which targeted a zero-day vulnerability in Adobe Flash.
An article on SearchSecurity.com reported:
According to the details released last week, the attackers installed a backdoor and a variant of the Poison Ivy remote administration tool, to reach out to a remote command-and-control server and navigate through RSA's sensitive systems. Once in, the attackers shoulder surfed on the victims, mapped the network and the resources, and started looking for a path to the coveted assets they desired.
There were other issues at play in the RSA attack, which the SearchSecurity.com article explains, but it all began with that first step: someone opening a file because they thought it was real. I see this as a reminder that no matter what industry you are in, security education for everyone who has computer access should be a top priority.