Michael Macpherson

Security professionals are continually harping on about how “security is everyone’s responsibility” and we all play a part in ensuring we protect our personal and business information.

Why should you care about security?

“That’s why we have firewalls, intrusion detection and antivirus. That’s what Bill the IT guy gets paid to look after, right?”

To some degree this is true: Bill and his team would look after the installation, maintenance and troubleshooting of all system and network related incidents to ensure that the internal and external facing infrastructure remains secure.

This is all fine until your organisation is faced with a breach. It then quickly becomes apparent that the problem was not due to Bill having a bad day and leaving a firewall wide open; it originated from a targeted social engineering campaign, which resulted in Ted being subject to a phishing attack and unwittingly transferring 20k to what he thought was the CEO.

Humans are still the weakest link in the IT security domain; it is human error and lack of security awareness that cause the majority of breaches within an organisation. At least 33 percent of breaches originate from ex-employees who still have access to the internal infrastructure. It is not their fault if you don’t have a defined process to disable accounts and revoke Active Directory privileges when they leave.

There is no getting away from the fact that as a society we have come to rely on the Internet. More of us have succumbed to the lure of social media, online shopping, streaming entertainment and online gaming. All of these leave a massive footprint of information within the virtual web spread across the globe.

Are you aware of how much information you have shared, either by choice or unknowingly?

