Five Reasons Why Information Security Is Everyone's Job

1 | 2 | 3 | 4 | 5 | 6 | 7
Next Five Reasons Why Information Security Is Everyone's Job-2 Next

Social Engineering

Reason #1: Because the human being is becoming the primary attack vector.

Over half of all data breaches involve some kind of failure in security awareness. That means human beings are often the weakest link; we have become the primary attack vector. The majority of these attacks involve spear phishing, namely, online fraud attempts directed at specific individuals or companies.

Social engineering is often the first step in an attacker's plan. You've heard the typical scenario. Somebody pretends to be someone you know, and then gets you to click on something that will deliver a damaging payload. Think about the critical steps along the Lockheed Martin Cyber kill chain - the attacker builds a portfolio of information on the target and exploits different vectors to gain access to sensitive and valuable assets. Attackers can gather loads of information from social networks and even sites like ancestry.com and alumni associations. The attacker might pose as a far-flung relative, a former classmate, or a colleague from the firm you worked at a decade ago before presenting the lure. And often enough, we click the link and are stung.

How do you nurture your inner security geek? Be wary about the information that can be gleaned from your publicly available information or through random contact with you. Take an extra moment to wonder why that person is approaching you now; ask yourself - does their story hold water? Be aware of social engineering, tighten up your defenses, and don't take the bait.

We often think of information security as the realm of highly technical geeks, incomprehensible and happy to remain so. But the truth is that each one of us, as we learn to navigate an increasingly digital, mobile and social info-scape, is getting in touch with our 'inner security geek.' Information security has broken out of the confines of the technically elite and is becoming part of everyone's job and day-to-day life. And that's a good thing.

In this slideshow, Yo Delmar, vice president of GRC, MetricStream, has identified five reasons why information security has become everyone's responsibility, not just the IT department.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.