Five Reasons Why Information Security Is Everyone's Job

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next Five Reasons Why Information Security Is Everyone's Job-2 Next

Social Engineering

Reason #1: Because the human being is becoming the primary attack vector.

Over half of all data breaches involve some kind of failure in security awareness. That means human beings are often the weakest link; we have become the primary attack vector. The majority of these attacks involve spear phishing, namely, online fraud attempts directed at specific individuals or companies.

Social engineering is often the first step in an attacker's plan. You've heard the typical scenario. Somebody pretends to be someone you know, and then gets you to click on something that will deliver a damaging payload. Think about the critical steps along the Lockheed Martin Cyber kill chain - the attacker builds a portfolio of information on the target and exploits different vectors to gain access to sensitive and valuable assets. Attackers can gather loads of information from social networks and even sites like ancestry.com and alumni associations. The attacker might pose as a far-flung relative, a former classmate, or a colleague from the firm you worked at a decade ago before presenting the lure. And often enough, we click the link and are stung.

How do you nurture your inner security geek? Be wary about the information that can be gleaned from your publicly available information or through random contact with you. Take an extra moment to wonder why that person is approaching you now; ask yourself - does their story hold water? Be aware of social engineering, tighten up your defenses, and don't take the bait.

We often think of information security as the realm of highly technical geeks, incomprehensible and happy to remain so. But the truth is that each one of us, as we learn to navigate an increasingly digital, mobile and social info-scape, is getting in touch with our 'inner security geek.' Information security has broken out of the confines of the technically elite and is becoming part of everyone's job and day-to-day life. And that's a good thing.

In this slideshow, Yo Delmar, vice president of GRC, MetricStream, has identified five reasons why information security has become everyone's responsibility, not just the IT department.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

biometrics Biometrics: Moving Far Beyond Fingerprints

Biometrics are changing the way we think about security. Here are some of the more innovative ways biometrics are being used and what we can expect in the future. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.